I received an unwelcome email a few weeks ago from an IT-literate friend. His computer wouldn’t start, he said. He had backups of most of the data on it, but not the family photos stored there, which were irreplaceable. Could I help?

Could that happen to you? Here are five simple things you could implement over the Christmas holiday to protect your privacy and prevent your digital memories from being lost. I’ve listed them in order of priority, with the most important first. If you find yourself with a few hours to spare this holiday, sit down with a glass of mulled wine, a mince pie and a laptop, and work through these in turn.

First, set up a backup system. You don’t necessarily need to back up your whole computer, since you can always install the software again, but you do need to back up your own data, such as documents and photos, which you cannot get from elsewhere. Use cloud storage services like Google Drive (15Gb free), Microsoft Skydrive (7Gb free), Apple iCloud (5Gb free) and Dropbox (2Gb free). All of these can monitor your computer and back up your data to the cloud automatically whenever you are online. You can use more than one of these at the same time. (For example, you might use Google Drive for photos and Skydrive or iCloud for documents.) Make sure that anything that you cannot easily replace is stored in one of these folders. But you should also have a backup disk at home. The reason is that the cloud services are “hot” backups – that is, when you delete a file on a computer, it is deleted from the cloud service immediately. And that means that if you accidentally delete an important file, you might not be able to get it back. You can connect a backup disk to your computer, or (more convenient in the long run) to your home router (which then means you can transfer files to it using your home network). Apple sells a “Time Capsule” which connects to your network and includes all this automatically. You need the cloud backup as well, in case your computer and your backup disk get stolen in the same heist (or worse: your house burns down). If you need more cloud storage than you can get free from Google and Microsoft, you may want to pay one of these services for more space, or use specialist backup services such as Backblaze or Crashplan.

Second, switch on two-factor authentication everywhere you can. Passwords are not as secure as they used to be, and once someone hacks in to your email, they will be able to get into most of your other accounts too (using the “Forgotten password?” link on most websites). Two-factor authentication limits access to previously-approved computers. With two factor authentication, the first time you log in from a different computer to the one you usually use, the website will ask for information which you can only get from your mobile phone (for example, by sending you a text). That means that the bad guys would need to crack your password AND steal your phone to log into your account. You can (and should) switch on two-factor authentication for Google, Gmail, Dropbox, Apple, PayPal, Microsoft, Yahoo!, Facebook, Twitter and LastPass. Some banks also have two-factor authentification: if yours does, switch it on. (Evan Hahn has a great list of which services allow two-factor authentication and instructions for most of them.)

Third, start using a password manager. You need to have a different, strong password on every website you use (different because if the security of one site is compromised, you don’t want the bad guys to try the same email address and password combination somewhere else). But who can remember dozens of different, hard-to-guess passwords? That is where a password manager like LastPass or 1Password come in. You log in to LastPass, it takes care of logging you in to your websites. Lastpass can generate (and remember) a different complex password for each service you use. You should visit each website you use and change the password from the name of your first born to a random mixture of numbers, letters and punctuation. Admittedly this will be a boring couple of hours; but it will save you time in the long run because LastPass will be able to log you in automatically in the future. (If you only use Apple products, you can use iCloud Keychain to achieve the same thing; whereas LastPass is multiplatform.)

Fourth, put a password on your home wifi. You may not care if someone else is using your bandwidth, but if a bad guy and you are both connected to a network with no password on it, they can easily intercept whatever you are doing, including watching you log in to your bank account, read your emails etc.

Fifth, put a PIN or Pattern lock on your smartphone. Most of us have an extraordinary amount of personal data on our smartphones which could be useful to a potential thief, and they also have access to your email.

And what happened to my friend? Well we managed to connect directly to his hard disk and backup all the data (that is what the photo is above); and then we were able to fix his computer. And now he has a backup system set up so he won’t lose all his data. So all’s well that ends well.