Computer Help and Support

Never save passwords in my browser.
I configure all of the browsers I use, to NOT save passwords. I use dozens of passwords, so I have a vault program to manage them. KeePass is free and suits my simple needs, but there are plenty more. Here's a recent review/comparison from PCMag.

I use secure passwords.
That is, they are more than 8 digits long, they use numbers, upper and lowercase letters, and non-alphanumeric characters where permitted.

I use a script blocker.
Most browsers have an add-on or plug-in that you can install to prevent your browser from automatically executing scripts when you land on a new page. This is incredibly tedious at first because virtually every website uses some scripts, so the first time you go there after installing the blocker, you have to whitelist or make temporary exceptions for all the scripts on the page. That's the bad news. The good news is that in addition to whitelisting, which allows you to specify trusted sites and scripts where the blocker will permit them to run when encountered, there are an AWFUL lot of scripts out there that are totally unnecessary to do what you want to do on any given page. Leaving them blocked can speed your browsing experience and keep annoying advertising trackers, etc., from snooping you or throwing garbage at you.

I have additional download scanning enabled on my security programs.
I get the occasional false positive, but mostly things run smoothly. I'm also careful what I download. Most of what I download are .pdf documents, or images from well-managed stock sites, etc. If I want to view an image or video online I generally try to find a site where I can view it within my browser, without having to download, unless I'm getting it from a trusted source. I download some executables--freeware, etc., but I do so only from reasonably secure sites or trusted sources.

I manage my download settings carefully.
That is, nothing executable is allowed to download and run automatically. I *always* select "save" file rather than "run" file, and scan the saved file before running it. I also READ what pops up when I do run something I've downloaded: This has saved me from enabling PUPs any number of times. For example, never run Ye Olde Java updater without carefully unchecking the "enable crapware" offers that come with it.

Beyond that, safe browsing is mostly a matter of being careful, and having a little common sense. Most malware, crapware, etc., rides in on "cool" stuff-- fancy "free" screen savers, pr0n images, etc. Before you click a download link on something "cool," especially on a site you don't know well, back out, open another browser tab, and run a search on the name of whatever it is, the supplier, etc. Amazing how many times the first page of the search results will include articles from AV/malware libraries, pegging the culprit.

helpfully,
Bright