funkyworms security sticky post is great but its almost 10 years old, does anyone know a good reliable uptodate guide on how to secure a windows machine these days?

Things haven't changed that much. Although Windows now is natively far more secure than XP was (or Vista, or 7, or whatever we were using when funkyworms first wrote that).

1. Use Win 10 and keep it updated.

2. Always use a limited user account, not admin.

3. Use Secunia PSI (I think it's now called Flexera PSI) to keep your software up to date.

4. Use Malwarebytes Antimalware premium (it is relatively cheap and definitely worth it).

5. Use your choice of the better free antivirus software (e.g. Avira, BitDefender, etc).

6. You're probably fine with the Windows firewall. But you can still use something Comodo free if you want to supplement it.

7. Use Macrium Reflect or something similar to keep your data backed up. Good practice is the 3-2-1 approach: 3 copies of your data in total; 2 of them can be local but on different devices/media (e.g. your machine plus an external hard drive); 1 offsite (e.g. cloud storage or another external hard drive kept somewhere else in case of fire, theft etc - obviously cloud is easier if your precious data is updated often). With these backups you can just restore Windows from scratch if you have a serious problem with ransomware etc.

Beyond that it's up to you.

• Use a decent browser and keep it patched.
• Use extensions that help you keep things secure.
• Don't do stupid things.
• Be aware of how vulnerable you are when on wifi, particularly other people's networks and even more so those that are free in coffee shops, airports etc.
• Be aware that free USB "chargers" for your phone might also carry data connections.
• Use two-factor authentication for every service that offers it. If your key services (mail, whatever) doesn't offer it, then consider switching. If your bank doesn't offer it as a bare minimum then run a mile.
• Scan downloads if you get them from unusual sources. Use virustotal.com if you need a second opinion on a file.

Any particular questions?

I like the convenience of Lastpass.com but its quite insecure by nature (its essentially a centralized pool of money for hackers to attack it) they have gotten hacked quite a few times and there a numerous http exploits that were done in the past (which do not need the AES encryption to be broken). So, how to store long strong passwords in a way thats is convenient but yet still secure

Lastpass is a way that is convenient but still secure. Exploits have been identified a number of times: not only is this very different to being hacked (to my knowledge it's always been vulnerabilities found by white hats) but more importantly it has never lost data. And every time it has responded quickly and transparently in fixing the issue, which is about the best you can ask from a service. So of the password managers, I would say Lastpass is actually a pretty good shout.

If you inherently distrust cloud services for managing your passwords, then your only real option is to store them locally, perhaps in a file encrypted with Veracrypt or similar. But because of the continual need to decrypt and cut and paste, that is going to be far less secure than using a cloud service.

annoying that I cant find it

NSA had Windows hardening guides and some universities + government guides can be found by searching. Pity, the NSA one was good as far as I remember.

lol at trusting the NSA to secure anything

i mean, if their advice is to use "NSArocks" as all your passwords, sure, lol at trusting the NSA.

There are other password managers that might offer some convenience with less risk. I think DashLane offers the ability to only store passwords offline, but if you have more than 1 device that might be a bit of a pita.