Your passwords should be difficult to guess, and you should never, ever reuse them on different sites.
“Passwords are the keys to the IT castle and it doesn’t matter how strong your walls are if the lock on the door is easily picked. And that, unfortunately, is why we have to keep talking about them – users remain stubbornly attached to passwords like 123456 and password that are so bad they can be cracked in less time than it takes to type them. Cracking programs know all the popular passwords (and how popular they are), and know the tricks that people use to obfuscate passwords by adding funny ch@ract3rs.
Our advice – Your passwords should be difficult to guess, and you should never, ever reuse them on different sites. If you can only remember one strong password, try a password manager. Change your passwords promptly if a crook might have got hold of them. Use two-factor authentication (2FA) if you can. 2FA usually means running a special app on your mobile device to generate a single-use login code, or receiving a login code via SMS. By bringing a second device into the login equation, and by making the 2FA codes valid for a short time (e.g. 30 seconds) and a single use, you make it harder for the crooks to login as you.”
