With all of our accounts online, it seems like there’s always a new request to update your password. Do you ever feel like you don’t have any more passwords left in you? It’s tough, but it really is important to update your password and make it complex and not easy for anyone else to figure out.

1. Go long, avoid the obvious

The length of your password is the first line of defense. Ideally, it should be at least 12 characters long. But whatever you do, don’t make it a string of obvious things like birthdays, anniversaries, or your kids’ names. Instead, think of a random phrase or a combination of words that are easy for you to remember but not connected to you, and hard for others to guess.

2. Mix it up

Variety is what all strong passwords are made of. Use a mix of uppercase and lowercase letters, numbers, and special characters like !, @, #, $, etc. This kind of complexity makes your password much harder for hackers to crack.

3. Avoid the obvious substitutions

Hackers aren’t fooled by the classic password tricks like substituting letters with numbers, such as replacing “o” with “0” or “e” with “3”. These might seem clever, but they’re too predictable. If you do want to use substitutions, think outside the box and be sure to choose replacements that won’t be easy for anyone else to figure out. (We’d give an example, but the whole point is to make it unique!)

4. Use a password manager

Remembering a different, complex password for each of your accounts is hard. This is where password managers come in. They not only store all your passwords securely but also generate strong, random passwords for you. So you don’t have to come up with crazy-complicated passwords, and you don’t have to remember them. Score!

 5. Update passwords regularly

Even the strongest password can be compromised (and data breaches are common), so it’s important to change your passwords regularly. A good rule is to update your passwords every three to six months, especially for accounts that store your financial information or sensitive identity information. If you really can’t come up with new ideas, you can use a free password generator to take the pressure off you.

And… stay vigilant!

Creating secure passwords and updating them frequently is a solid strategy for protecting your accounts. But you also need to keep a close eye on them, watching for any suspicious activity. Setting up two-factor identification (2FA) is also a really good idea for an extra level of security. That way, no one can log into your account without entering a code that’s been emailed or sent via text message to you.