- Use unique passwords for each of your accounts. Many user accounts are compromised because a reused password was stolen from a less-secure site.
- Make your passwords at least 16 characters long. Password complexity increases exponentially for every character you add.
- Create a passphrase. Passphrases will be both more complex and easier to remember than traditional passwords.
- Don’t use the same or similar passwords on multiple sites.
- Don't use dictionary words; they are easy for algorythms to crack even using letter replacement by special characters such as @ for a or 0 (zero) for O.
- Don’t use anything that can be easily looked up online like your birthday or relative’s birthday, pet’s name, names of relatives, nicknames, or favorite team.
- Don’t store your passwords in a text file or Word document. If you are looking for a password storage solution, see the password manager advice in the Password Safety Related Article.
Yes, your accounts really are in danger of being compromised. The recommendations below can help reduce that danger.
- Use multifactor authentication (MFA) on your accounts.
- Consider using a password manager to store and randomly generate your passwords. Using a password manager is one of the best steps you can take to avoid repeating passwords.