Tips for Better Password Management
Some tips on how to better manage your passwords.
Use a different password for each online service
The reason for this is that if one of the many websites you use get hacked, they are unable to attempt to use that username/password combination succesfully on other web services that you use. Many web browsers and modern operating systems offer automated complex password generation and storage services. Use it!. Also be sure to use complex, random passwords that do not use easily guessable words or numbers such as your birthday, names of family members etc.
An even bigger problem occurs if that same password is used for your online e-mail as well, since your e-mail is part of the login information for most websites. Once hackers have access to your main e-mail account, they can use the reset password service to access all of the services connected to your e-mail address. To further increase security, you might want to setup an e-mail alias to use on external websites that require an e-mail address as part of the login process, keeping your actual e-mail address separate and hidden.
Use a password management service
Keeping track of all the different usernames and passwords you use can get difficult. Don't reach for your Notes application or a piece of paper to store this information! Instead, you can use the built-in password management application on your operating system or an online service such as 1Password or Lastpass. The built-in services are usually good enough, but if you have more complex requirements such as using multiple operating systems or needing to share secure information with family or team members, then the online services might be the way to go. Most of them can also inform you of security breaches of services you use as well as letting you know if the passwords you use are part of a breach.
Turn on Two factor or Multi-factor authentication
If a web service you use offers it, turn on Two factor authentication. Most websites use single-factor authentication requiring a single piece of information: your password. More and more websites allow you to use two factors of authentication, usually a security code that is generated or sent to a device that you own such as your mobile phone. Multi-factor usually uses biometric information such as your fingerprint or facial recognition. Where possible, turn these on so that even if your password is compomised they are still unable to login and will need to have physical access to you or a device that you own.