In the age of identity theft and data breaches its more important than ever to follow some guidelines for online passwords.   Do you still have your passwords written down on a sticky note near the computer or attached to the bottom of the keyboard?   Are you still using 123456789 as your password?   Do you use the same password on multiple websites?   Then here’s looking at you, kid.

It can be a daunting task to come up with a great password that meets all of the criteria for various sites.   That’s why, once you’ve come up with one, it’s so tempting to use the same password over and over again.   And really what difference does it make if you use the same password for your department store online shopping cart, email account, and utility bill pay service?

The danger could begin with a data breach at just one of the merchants or organizations that you interact with.   With your personal data in hand the hacker could potentially login to your email account, view your history, and attempt to access other more critical sites and even reset the passwords for them.

Below is a summary of some tips regarding passwords in an article from Brian Barrett, published on wired.com.

Be unique.   Using a unique password on each site you visit is critical.   As an example, when each site has a different password, if bigboxmerchant.com is hacked, there’s less of a chance of hackers using the stolen data to access your checking account at bestlocalcreditunion.com.

Lengthier not trickier.   When it comes to passwords the goal is to make it harder to crack but easier to remember.   A longer password could do just the trick.   According to one source a twelve plus character password may even be more beneficial than a shorter password that requires special characters and is case sensitive.

Special not together.   Place your special characters and capitals throughout your password.   Don’t just put the capital letter at the beginning and digits and symbols at the end.

Extra rare.   Common phrases or pop culture references may be easier to remember, but they are easier to crack.   So, try making your password something unique while at the same time avoiding the use of personally identifiable info like date of birth etc.

Do the two step.   Take advantage of the two-step verification offered by some merchants and organizations.   Generating calls, texts, or emails with single use verification codes creates one more barrier for would be hackers to have to overcome.

With all of these different passwords, it’s understandable if you’re still writing them down.   But storing them next to the computer is handy for you, and for potential thieves.   If you must write them down try storing them somewhere secure but not near the computer.   Another option is password manager.   There are various password manager products available on the market today- check out this article on pcmag.com.