When you do something every day — probably multiples times per day — it can be easy to forget how dangerous it is. Using smart, strong passwords is like wearing a seatbelt. Most of the time it won’t be put to the test, but it can quickly become disastrous if you aren’t prepared when it counts. As cyber criminals become more advanced, however, so must our defenses, and many of the password advice that served well ten, or even just a few years ago is no longer safe. Take a moment to make sure that you are protecting yourself against identity theft, fraud, and information leaks.

Here are the password rules that you should be following to keep your online privacy safe and secure.


What Goes Into a Strong Password?

These days, your passwords should be at least 12 to 14 characters long and contain a mix of letters, capital letters, numbers, and symbols. Stay away from simply stringing together dictionary words, as they hardly take any time for a computer to crack. Obvious substitutions aren’t too much better, either, so you’ll have to get a little more creative than swapping out your o for an 0, a for @, s for $, or l for 1. In order for you to remember your password, you’ll likely have to assign it some kind of meaning, but it shouldn’t be based on personal information about you like family member’s birthdays or old addresses. That is all information that can be tracked down with relative ease.

Instead, try this method for memorable passwords. Choose a sentence that you know you can remember, like, “The first house I ever lived in was 613 Fake Street. Rent was $400 per month.” Then, turn that into a password by using the first digits of each word, so your password would become TfhIeliw613FS.Rw$4pm.

If you need a little more guidance, try running your password through this program which will quickly test how strong your password is and how easily it can be cracked. Try comparing your current password to our example above to see just how large a difference it makes!


Change It Up

So now you have a great password, but you’re not quite done. I know how easy it can be to use the same password for every site. It feels harmless, but reusing passwords is actually a huge security risk, especially when your banking password is the same as your other, less secure accounts. It’s the digital equivalent to locking your door but leaving all the windows in your house cracked. When you reuse passwords, it only takes one hacked account — a less secure recreational site where you are more casual about privacy, for instance — to compromise all of your online information and give a hacker access to your bank accounts. A hacker can do a lot of damage with that kind of access.


Enlist A Powerful Assistant

So the best thing you can do is have a unique, strong password for each and every account. But keeping track of a different, complex password for every account can be a real challenge. Luckily, there are plenty of tools to help. Consider switching over to a password manager that will generate strong passwords for each new account you open and remember them for you. A good password manager stores all of your passwords and relevant account information in an encrypted vault and autofills them when it’s time to login. That way, you can keep strong, unique passwords for dozens of sites without actually having to memorize each and keep them straight.  All you need to remember is one password — the key to your vault. KeePassX, LastPass, and Dashlane are a few basic, trustworthy options that are free to download and use.