I sent this answer list to a relative who had questions. Perhaps some of it is useful to others as well.
0. (unasked, but answered) Any machine and operating system that you consider should be fine for "ordinary" use. If you are not modeling mechanical behaviors of aluminum frame parts in a car crash, for example, and using the computer mainly for e-mail, web, and Turbotax, then almost any rig that you look at will suffice.
- Require a password to boot, log on, or both to your machine.
- While you are using programs, save documents early, save documents often.
- Having one (two is better, three is betterer but harder to manage/remember) USB drives for backups is a Good Thing® too. You have to treat the hardware as if it will die today - being confident with backups allows that useful nonchalance.
1. Security - your best tool is your natural paranoia. Being highly skeptical of any links that you receive, not allowing most advertisements, and behaving generally as a curmudgeon results in a nearly risk-free computing life. How do I know? Because that is how I use computers.
The human element is the most vital link in a secure chain; if you do not click stuff, you are not exposed to extra risks. Or, more realistically, if you are slow & picky to click, thoughtful about what you are doing, then you are in great shape. Do not trust or install extra programs; if something that you think you care about does not work without installing xyz, then first think harder - perhaps it is safe and worth it, but perhaps not. Skipping never causes you harm. Should you accept the risk, install and try it - there are many benign and useful programs. Uninstall it later if you do not think that it should stay on your machine.
It is odd and perhaps sad that grouchy people like me are the safest, but Bad Guys have made the world this way.
2. Finances - these are under the umbrella of 0) and 1) above. You are absolutely fine if you do not trust most links, keep your machine's software updated, back stuff up, and do not lose control of your machine.
3. Privacy - using the philosophy of TRUST NO ONE is my preference. I follow the above plus the steps here. There is no perfect privacy but you can get closer to sanity in these ways.
4. Specifics - here are my opinions, feel free to use or dispose.
- No, Lifelock is not worth having. Send me $100/year and I will tell you why! annualcreditreport.com, you knowing your account activity, and the above behaviors are valuable well above what they are selling.
- Yes, different passwords provides you with "defense in depth" - should Bad Guy get access to one of your accounts, he (Russian kid? Peruvian widow? Queue up "It's a Small World") cannot easily proceed to access your other stuff.
- Yes, Geek Squad is a decent resource
Recall that this is all a big trade-off: the safest computer is not on the Internet and buried in concrete. That makes it useless, so some extra risk accompanies all changes towards interconnectedness. Being mindful and skeptical allows you to manage that risk, use and enjoy computing with an acceptable level of risk.
Finally, I do not trust any cloud vendor for any services, period. (Who's got paranoia now?! nature/nurture...)