While it’s easy to use personal information for your password (it makes it simple to memorize your passwords), it makes it easier for hackers to brute-force hack your accounts. Why?

With Google, Whitepages, and social media, it’s easier than ever to find your personal information online, including:

• The names of your spouse, children, parents, or pets.
• Your favorite band, sports team, or vacation spot.
• Important dates like your birthday, anniversaries, or your child’s birthday.
• Your home address – house number, street name, town, zip code, or state.

Avoid using identifying information, as it could be tacked down by a malicious actor to compromise your personal information.

The most popular passwords use simple to remember patterns. It’s important to create random passwords to avoid falling prey to such patterns – this includes numbers, letters, symbols, and capitalization. For example, rather than a “abc123”, make a random password like “A2km?84B!eHcD3$”.

Most new devices – internet routers, smart home devices – come with a default password, often as simple as “password”. They’ll also include a warning which tells you to change the default password to something stronger once logged in.

However, many people still keep that default password. This is a significant security risk as a hacker who knows what devices you’re using in your home could easily hack them and gain access to more of your personal information and digital accounts.

Never reuse a password. While convenient, the risk isn’t worth it. If one of your accounts gets breached, others are sure to follow: first it’s your Facebook account, then your Gmail, and finally your bank account. Protect every account you create by always generating a unique, random password.

Storing your passwords in Microsoft Excel or Windows Notepad may feel convenient, but it’s a significant security risk. Your passwords are easily accessible when stored in their unencrypted, plain-text format – the most novice hacker could compromise your entire digital life in seconds.

You need to store your passwords in an encrypted password manager, which safeguards your passwords and most sensitive information so only you can access them.

If you’re not using a password manager, you may think the easiest way to share your passwords with friends and colleagues is through email, by text message, or through Slack. Doing so compromises your passwords, though. You or whoever you’re sharing your password with may have unknown malware. And even if it’s safe to do so at the time being, that password could be stolen in a future data breach.

Instead, only share your passwords through a safe method, such as through an encrypted password manager.

While “19musicman56” and “35musicman73” are different, they’re far too similar. If the first passwords were ever compromised, it wouldn’t take a hacker long to guess the second.

A strong password is one that resembles nothing like another password you’ve created or generated in the past. Use a password generator to avoid creating passwords that are essentially the same as one another. The LastPass password generator will create a truly random password every time.

If you haven’t updated an account password in years, it could be weaker than you remember. And even if your generated password is strong, there’s a chance it could be compromised in the future.

Data breaches – where users’ personal information and passwords are stolen – happen to businesses, from social media companies to eCommerce shops. If you’re unaware your password was leaked in the past, it’s continually putting the rest of your accounts at risk. A password manager like LastPass informs you of your password security around the clock, with an up-to-date security dashboard – which monitors password strength across your accounts – and dark web monitoring, which constantly scans the dark web for compromised credentials. Once notified of a weak password or potential, you can immediately take action to update your passwords and protect your personal information.