Passwords can be your first line of defense against stolen personal information (phone data, banking information, email, medical records) so it’s important to create one that is strong.
For a strong password, you’re going to want to make one that would be difficult to guess or break. Long passwords are best, and you should use a variety of letters (capitalized and lowercase), numbers and symbols.
It’s not a good idea to create your passwords from
- personal information (name, birthday, Social Security number, pet’s name)
- common sequences (numbers or letters in sequential order, repetitive numbers or letters)
- dictionary words
A password-protected login is much more vulnerable when you use the same password for multiple accounts or sites. If your password is stolen from one website, all of your accounts using the same password are at risk.
If you ever think your password has been stolen or breached, you should change it immediately. If you've used the same password for multiple accounts, change those immediately as well.
As far as regularly changing your passwords goes, experts don’t think that this is particularly useful because most people only make small changes to their existing passwords (pretty easy for a hacker to figure out).
Creating a strong password is just the first step in protecting your information and accounts. You need to safeguard them as well.
Many websites require you set up security questions in case you forget your password and need to reset it. Like the password itself, it’s important to pick questions and answers that can’t be easily answered by others (your pet's name, mother's maiden name and high school could easily be guessed by someone who follows you on social media).
When available, it’s good to enable multi-factor authentication for your accounts. For many services this means you enter your password and then receive a code on a device, app or by phone that you must provide before you're granted access to the account.
Minimize the number of people you share any account login information with. Anyone who has your password has access to your private account/information, and it can increase the risk of your password being revealed, shared or stolen.