When a site prompts you to create a password: create a strong password — the more characters it has, the stronger it is. Using a passphrase is one of the simplest ways to ensure that you have a strong password. A passphrase is nothing more than a password made up of multiple words such as “beehoneybourbon.” We recommend you also use a unique passphrase for each device or online account. This way if one passphrase is compromised, all of your other accounts and devices are still safe.
Can’t remember all your passphrases?
Use a password manager, which is a specialised program that securely stores all your passphrases in an encrypted format (and has lots of other great features too!). Finally, enable two-step verification (also called two-factor or multi-factor authentication) whenever possible. It uses your password, but also adds a second step, such as a code sent to your smartphone or an app that generates the code for you. Two-step verification is probably the most important step you can take to protect your online accounts and it’s much easier than you may think.
Additional Security Matters articles about passwords: