Passwords can be your first line of defense against someone stealing your personal information (phone data, banking information, email, medical records) so it’s important to make a good one.
For a good password, you’re going to want to make one that would be difficult to guess or break. Longer passwords are better than short ones and you should use a variety of letters (capitalized and lower case), numbers and symbols.
It’s not a good idea to make your passwords out of things like
- personal information (name, birthday, Social Security number, pet’s name)
- common sequences (numbers or letters in sequential order, repetitive numbers or letters)
- dictionary words
Don’t Recycle Them
A password-protected login is often much more vulnerable when you use the same password for multiple accounts or sites. If your password is stolen from one website, all of your other accounts that use the same password are at risk.
If you ever think your password has been stolen or breached, you should change it immediately. If you've used the same password for multiple accounts, change those immediately as well.
As far as regularly changing your passwords goes, experts don’t think that this is particularly useful because most people only make small changes to their existing passwords (pretty easy for a hacker to figure out).
Creating a strong password isn’t enough on its own to protect your information and accounts. You’ll need to safeguard them as well.
Many websites require you set up security questions in case you forget your password and need to reset it. Like the password itself, it’s important to pick questions and answers that can’t be easily answered by others (your pet's name, mother's maiden name and high school could easily be guessed by someone who follows you on social media).
When available, it’s good to enable two-factor authentication for your accounts—meaning when you enter your password, you'll receive a code to confirm that it’s you that’s trying to access the account and will need to enter it into the website before you're granted access.
Just remember that anyone that has your password now has access to your private account/information. Even if you trust them, it’s possible that your password could get out by mistake (written on a piece of paper someone else saw/took).