FBI Home Computer Security Recommendations
- Wednesday, 29th April, 2026
- 09:23am
Here are the primary FBI recommendations for securing your home computers and network, focusing on their latest guidance for authentication and device hygiene.
1. Lock Down Accounts with Two-Factor Authentication (2FA)
The FBI strongly urges the use of 2FA (also known as Multi-Factor Authentication or MFA) on all accounts that offer it, particularly for email, banking, and web hosting or domain management accounts.
- Move Beyond SMS: The FBI and other federal cybersecurity agencies have issued warnings against relying on SMS text messages for 2FA codes. Texts are increasingly vulnerable to SIM-swapping attacks and interception.
- Use Stronger Factors: Instead of text messages, opt for a dedicated authenticator app (like Google Authenticator or Aegis). For the absolute highest level of phishing resistance, hardware security keys are the gold standard and are highly recommended for protecting your most critical infrastructure and credentials.
2. Harden Your Router and Wi-Fi Network
Your router is the front door to your home network. If it is misconfigured, every device behind it is at risk.
- Change Default Credentials: Never leave the router's admin username and password as "admin" or "password." Change them immediately upon setup.
- Upgrade Encryption: Ensure your network is using WPA2 or WPA3 encryption. With the wide availability of Wi-Fi sniffing tools and exploits like AirSnitch, older protocols like WEP or basic WPA are easily bypassed by nearby attackers.
- Disable Remote Access and UPnP: Turn off Universal Plug and Play (UPnP) and cloud-based remote management features. You should only be able to change your router settings when you are physically connected to your home network.
- Obscure Your Network Name (SSID): Don't use your name, your address, or the router's brand as your Wi-Fi network name. Keep it generic so it doesn't offer clues to attackers.
3. Segment Your Network
The FBI recommends keeping your Internet of Things (IoT) devices—like smart TVs, thermostats, and security cameras—on a completely separate network from your personal computers and phones.
- Set Up a Guest Network: Most modern routers allow you to create a secondary "guest" network. Connect all your smart home devices to this network. If a hacker compromises a weakly secured smart appliance, network segmentation prevents them from moving laterally to access your primary computer or financial data.
4. Practice Core Device Hygiene
- Automate Updates: Turn on automatic updates for your operating system, web browsers, router firmware, and all software. Timely patching is the single most effective defense against known exploits.
- Use a VPN on Public Wi-Fi: If you are connecting to public Wi-Fi at a coffee shop or airport, avoid logging into sensitive accounts. If you absolutely must, use a reputable Virtual Private Network (VPN) to encrypt your traffic.
- Maintain Offline Backups: Keep offline backups of your most important files on a disconnected external hard drive. This is the FBI's primary recommended defense to ensure you don't lose your data if you are hit by a ransomware attack.