Computer hacker with mobile phoneIt’s one of those things that everyone knows, but rarely takes action on: password security. Yes, we all know we should be using strong passwords to protect ourselves and our businesses when we’re online. But studies show that many of us are still using passwords like “123456.” That was the most-used password nationwide last year, followed by “password,” “123456789,” “12345678″ and “12345.” Rounding out the top 10 is “111111,” “1234567,” “sunshine,” “qwerty,” and “iloveyou.”

Are you or your staff guilty of using one of these? You may want to change them as soon as possible! Chances are, your passwords could use some improvement. That’s why we wanted to share with you four easy steps you and your staff can make to protect yourself and your company:

Use a different password for every online account. You need a strong AND different password for each of your online accounts to protect yourself against hackers. Using the same password over and over makes it easy for someone to gain access to all of your accounts if they guess it.

Use phrases instead of single words. One-word passwords remain popular. Adding a few numbers to a single word isn’t a great solution, either, security experts say. Passwords instead should be comprised of a long string of seemingly random uppercase and lowercase letters, numbers and symbols. A phrase can also be a strong password. Start with song lyrics or a phrase. The more obscure, the better! You do not have to use spaces in these phrases. Just type all of the words into one, long password.

Use several special characters. Add characters throughout your password in place of letters, in between words or at the beginning or end of the password. For example, the strong password version of “TheQuickBrownFoxJumpsOvertheLazyDog” could be “Th3Qu1ckBr0wnF0xJump$0verTh3LazyD0g.” Use a not-so-obvious phrase, though, that you’ve made up yourself. Don’t include your own name or birthday or information relating to you or any of your family members in your password.

Use a password manager and two-factor authorization. Now that you have several different quality passwords for all of your log-ins, it is time to remember them. A password manager (we recommend LastPass) is a secure spot that remembers those complex passwords for you through a two-factor authentication system. Two-factor authorization requires you to provide a second form of identification, such as a multi-digit code texted to a smartphone, to log into an online account. It’s a highly secure way to protect your private information. So, instead of remembering dozens of passwords, you just need to remember one.

Speaking of two-factor authorization, using it can dramatically reduce your chances of you or your company becoming a victim of cyber crime. Use it in as many online accounts as you can. It may take a few extra minutes to log in, but it makes your online accounts much more secure.