Keeping passwords secureEach year, SplashData releases a list of the top 25 most common passwords people use, and each year it is sad and somewhat shocking to realize just how unprotected so many of us are. This year’s list was full of many repeats from years prior with “123456” maintaining its claim on the No. 1 spot, and “password” right behind it in second place. Some entries on the list were new — including “dragon,” “superman” and “baseball.” SplashData compiles the list from all of the passwords that are leaked throughout the year in data breaches, so you can be sure they represent the actual passwords people use. As cringe-worthy as it is to look at a list like this and see just how little thought some people put into creating passwords, it’s also a good reminder to check the strength of your passwords. As strong as you might think they are, your passwords probably aren’t secure enough. Fortunately, there are some steps you can take to fix that.

Why is a strong password important?

Passwords are like the keys which unlock the doors to our virtual worlds. We use them for everything from online banking accounts and email to social media and your Netflix account. If you have something worth locking up, you want a key that is difficult — or even impossible — to duplicate. Unfortunately, with the advancements being made in technology, it’s getting harder and harder to create a password that can’t be broken. But you can certainly make a much better attempt than “abc123,” another entry on the common passwords list.

How can I keep my passwords secure?

1. Think complex. It may be tempting to create short passwords using a single word or a date that’s important to you, but those are the kind of passwords that can be broken easily by a hacker (or even someone who knows enough about you to make an educated guess). What you want is a long, complex password for each individual login you create. Experts suggest using a combination of at least six lower and uppercase letters, one number and one special character. It’s a good idea to use a sentence or phrase, altering it to add numbers and symbols so it’s harder for a person to guess — or a computer program to crack. Check out our guide to creating a strong password for a how-to on this process.

2. Don’t use the same password twice. It is estimated that the average person has more than 20 password and username combinations to remember, so it’s understandable that it might be tempting to reuse a password here and there. However, if someone were to access one of those accounts, they could easily find and access other accounts that belong to you. Although it might be vexing at times to try and remember the passwords to each individual account, it’s better to be safe than sorry — especially when it comes to your online security and avoiding identity theft.

3. Consider using a password manager. Tired of trying to remember all of those unique passwords you created? Try using a password manager! These apps or programs, which are often included with Internet security software suites, store and encrypt the login information for your various accounts in a secure vault. They are available for computers as well as mobile devices, which is great considering how many times we enter passwords on the go. Most of the time, you will need to create a master password or PIN to unlock the password manager. This keeps your information securely in one place with far more security than you’d get from writing it down on a sticky note or saving it in a Word document on your desktop. When you go to log into a website, many will autocomplete the login form so you don’t have to even remember your password — it’s already there! Some password managers, like the one offered by Norton, even help you test the strength of your passwords so you can be sure they are secure enough.

Finally, some good news: People are starting to move away from easy-to-guess passwords. SplashData collaborated with online security expert Mark Burnett when creating this year’s list, and he determined that the top 25 passwords that made the list this year only represented 2.1% of passwords exposed. By making sure to create strong passwords, as well as taking advantage of other security measures available, you are doing your best to keep your passwords secure — which helps to keep your identity secure, as well.