May 4th: World Password Day


May 4th, 2023

World Password Day 2023: 5 tips to close out our Password Month

Over the past month, we’ve talked about the urgency of strong passwords, about some of the results and insights our Culture scan has provided us, and about the necessity of making people aware of the risks of poor password policy. To conclude our celebration of Password Month, here are the 5 essential tips for proper password management.

1. Make your password unique

Passwords give access to your e-mail, your digital workplace and all your online accounts, and are thus a favorite target of criminals. It is therefore crucial to come up with a strong password. A strong password is unique to begin with.

It keeps coming up in the news: in data breaches, login credentials including username and password are made public. If you use that same password for multiple applications or accounts and it ends up in the wrong hands, that person can get into several of your accounts.

Therefore, a rule of thumb is: make your password unique. Stay away from standard variants such as ‘welcome123’, don’t keep adding a new number to the end of your existing password and come up with something new for all your accounts. So under no circumstances use your business e-mail password for your Netflix at home as well.


2. Try a password sentence

A second rule of thumb is: the more characters, the better. Use at least 10, alternating upper and lower case letters, numbers and punctuation.

This really doesn’t have to be complicated, like “VdL_84H*-@0qR”. On the contrary, three random words or a short phrase are just as smart, as long as you don’t use parts of your username, or your company or family name, for example.

Choose, for example, ‘frypan-COOKIE-racecar’: 27 characters, a mix of upper and lower case letters, two punctuation marks; virtually unbreakable. Provided you keep it to yourself, of course. But rest assured, you don’t have to remember all those different combinations by yourself. How? Check out the next tip.
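As an added illustration (not part of the original article), the sketch below builds a three-word passphrase as described in tip 2 and checks a candidate against the rules from tips 1 and 2. The function names, the tiny word list and the extra "standard variant" stems are assumptions made for this example.

```python
import math
import re
import secrets

# Constructed sample list, far too small for real use; real generators draw
# from lists with thousands of words.
WORDS = ["frypan", "cookie", "racecar", "lantern", "meadow", "velvet",
         "thunder", "orbit", "pepper", "harbor", "walnut", "glacier",
         "tunnel", "saddle", "compass", "mitten"]

def make_passphrase(n_words=3, sep="-"):
    """Join randomly chosen words (CSPRNG) and upper-case one of them."""
    words = [secrets.choice(WORDS) for _ in range(n_words)]
    i = secrets.randbelow(n_words)
    words[i] = words[i].upper()
    return sep.join(words)

def entropy_bits(n_words=3, list_size=len(WORDS)):
    """Guessing entropy when the attacker knows the list and the scheme."""
    return n_words * math.log2(list_size) + math.log2(n_words)

def check_password(candidate, personal_terms, previous=None):
    """Return the rules from the tips that the candidate breaks."""
    problems = []
    lowered = candidate.lower()
    if len(candidate) < 10:
        problems.append("shorter than 10 characters")
    for term in personal_terms:  # username, company or family name
        if len(term) >= 3 and term.lower() in lowered:
            problems.append(f"contains personal term: {term}")
    # 'welcome' is the article's example; the other stems are constructed.
    if re.fullmatch(r"(welcome|password|qwerty)\W*\d*\W*", lowered):
        problems.append("standard variant")
    # Same text with only a different number at the end
    if previous and candidate.rstrip("0123456789") == previous.rstrip("0123456789"):
        problems.append("only the trailing number changed")
    return problems

if __name__ == "__main__":
    phrase = make_passphrase()
    print(phrase, check_password(phrase, ["alice", "acme"]))
    print(f"{entropy_bits():.1f} bits with {len(WORDS)} words,",
          f"{entropy_bits(list_size=7776):.1f} bits with 7776 words")
```

The strength of such a passphrase comes from the size of the word list and the random choice, which is why the 16-word sample list here is only suitable for demonstration.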

3. Use a password manager

Password managers are apps that act as vaults for all your passwords. This digital vault is in turn locked with an overarching password. You can use them to store your existing passwords, and to automatically come up with new strong passwords for you. We recommend KeePass or 1Password.

There are also many antivirus software providers and VPN clients that offer a package that includes a password manager. A kind of all-in-one security package for the home, in other words! Services we recommend are NordVPN and Bitdefender.

4. Use two-factor authentication

You’ve probably seen it before: two-factor authentication (2FA, also referred to as multi-factor authentication), an extra layer of security. 2FA reduces the risk of a hacker gaining access to your online accounts by adding a second step to that password.

You can use two-factor authentication in one of three different ways: with something you know, something you have or something you are. For example, in addition to entering your password, you have to answer a specific question that only you would know, provide a code that appears on your phone, or show a biometric (fingerprint or facial recognition).

Most websites have made 2FA available from the accounts’ security settings, but you have to turn on that feature yourself.

The easiest way to read up on it and get started is through the website authy.com – a provider that offers a practical guide on how to set up 2FA for various services. A simple and smart way to lock the digital door more firmly.


5. Use World Password Day to review existing passwords

You’ve probably heard of haveibeenpwned.com, the website where you can check whether your e-mail data has been leaked in a known or lesser-known data breach.

ScatteredSecrets.com offers the same insights into data breaches and also covers dating sites, for example. There are billions of leaked passwords in the database. You can instantly query whether your e-mail was involved in a leak, and just as with haveibeenpwned you can set up notifications in case your e-mail turns up in future incidents. 

The difference with haveibeenpwned is that when account information has leaked, you also get to see which password has become public – or at least potentially findable on the Internet – in the process. The idea is that it’s important to find out which of your passwords are on the street, so you know which ones you should never use anywhere else.

Want to know more about our vision or approach, or curious about other information? Feel free to contact us!