Your password is the first line of defense against cyber criminals. Follow these tips to create a smart password:
Use a unique password for each of your important accounts
Use unique passwords for your accounts, especially important accounts like email and online banking. Re-using passwords is risky. If someone figures out your password for one service, that person could potentially gain access to your private email, address, and even your money.
Change your password often
If someone has figured out your password, they might be accessing your account without your knowledge. Regularly resetting your password helps limit this type of unauthorized access.
Use a password with a mix of letters, numbers, and symbols
Using numbers, symbols and mixed-case letters in your password increases the difficulty of guessing or cracking your password. For example, there are more than 6 quadrillion possible variations for an eight-character password with numbers, symbols, and mixed-case letters -- 30,000 times more variations than an eight-character password with only lowercase letters.
Create a password that's hard for others to guess
Choose a combination of letters, numbers, or symbols to create a unique password that's unrelated to your personal information. Or, select a random word or phrase, and insert letters and numbers into the beginning, middle, and end to make it extra difficult to guess (such as "sPo0kyh@ll0w3En"). Using simple words or phrases like "password" or "letmein," keyboard patterns such as "qwerty" or "qazwsx," or sequential patterns such as "abcd1234" make your password easier to guess or crack.
Make sure your password recovery options are up-to-date and secure
Keep your passwords in a secret place that isn't easily visible
Make sure to regularly update your recovery email address
so that you can receive emails in case you need to reset your password. You can also add a phone number
to receive password reset codes via text message. Additionally, many websites (including Gmail) will ask you to choose a question to verify your identity if you ever forget your password. If you're able to create your own question, try to come up with a question that has an answer only you would know. The answer shouldn't be something that someone can guess by scanning information you've posted online in social networking profiles, blogs, and other places. If you're asked to choose a question from a list of options, such as the city where you were born, be aware that these questions are likely to be less secure. Try to find a way to make your answer unique — you can do this by using some of the tips above — so that even if someone guesses the answer, they won't know how to enter it properly.
Don't leave notes with your passwords to various sites on your computer or desk. People who walk by can easily steal this information and use it to compromise your account. If you decide to save your passwords in a file on your computer, create a unique name for the file so people don't know what's inside. Avoid giving the file an obvious name, such as "my passwords." If you have a difficult time remembering multiple passwords, a trusted password manager may be a good solution. Spend a few minutes checking out the reviews and reputations of these services.
Add an extra layer of security
Once you’ve created a smart password, you can add an extra layer of security by enabling 2-Step Verification. Not all Internet accounts have this security option, but your Google Account does. 2-Step Verification requires you to have access to your phone, as well as your username and password, when you sign in. This means that if someone steals or guesses your password, the potential hijacker still can't sign in to your account because they don't have your phone. Now you can protect yourself with something you know (your password) and something you have (your phone).