We all dread that reoccurring pop-up box that announces it’s time to reset your password. We’ve probably all been guilty of using the same password on multiple accounts to make it easier to remember. And I bet you may have even used the “increase the number by one” strategy...

So why does it matter? Your bank, social media, shopping, healthcare, and streaming accounts are all unrelated, right? Wrong! You are the common denominator. Once an internet scammer breaks your password formula and your username, they will then go to multiple sites to test if it works on an account. Suddenly, you have a crisis on your hands that can have serious financial, reputational, and identity ramifications.

Don’t think you have anything important enough to draw the attention of a hacker? Wrong again! The criminal could be trying to access your work systems through your personal accounts such as email. They could be trying to steal your identity to run up significant credit card charges. Or, they could just be having some fun wreaking havoc on an unsuspecting person.

So, what are best practices when it comes to passwords? We’re glad you asked! Here are 9 tips to help protect your passwords.

• Longer passwords are harder to break, or compromise, as they increase the number of character combinations available.

• If you add at least one space in your password, it is dramatically more difficult to break. In fact, it can mean the difference between it taking six hours and six years for a computer to decode your password.

• The best passwords can actually be lyrics to a song, a Bible verse, or another phrase that is meaningful to you.

• Passwords that simply increase by one number each time are easier to break. i.e.: JackJones1, JackJones2, JackJones3, etc.

• Passwords containing family member names, pet names, birthdays, and anniversaries are easier to break.

• Change your password at least once per year.

• Use a password-generating app such as Last Pass to help set, store, and protect.

• Always utilize two-factor or multi-factor authentication, when possible, particularly on financial accounts. You can choose to have a text message, phone call or email with a code that must be entered before accessing an account.

• Financial institutions will never ask you for your username, password, social security number, account number, name, or address in an email, password, or phone call initiated by the business. Personal information of this type would only be used to verify your identity when you call them directly.

For an eye-opening look at how quickly hackers can figure out your password, check out this online tool: https://www.passwordmonster.com/. Testing your passwords may just prompt you to change your passwords immediately!