Critical Password Practices

I had to deal with another security breach last week. It could happen to anyone. Accounts get hacked. Passwords are guessed. Bad guys keep trying until they get it right. These scammers will even try to make up fake email accounts and impersonate you if they have extra motivation to deceive. In this one instance I got called out to deal with, the hacker was probably in China but they were clever enough to make it seem like they were hacking from the USA. You don’t want this to happen to you, right?


You MUST NOT reuse passwords for multiple websites / services. Each account needs a separate password. A password should be easy for you to remember and hard for others to guess. It should not contain family members’ names. It should not contain your street name, street number, or year of birth. Do a Google search on yourself. Your password should not contain any keywords that come up in that search.

You could use a password manager like 1Password or LastPass. However, this requires learning a new tool and I know not all of you are prepared to do this. You could use a random password generator tool, creating passwords of 12 characters or longer. https://www.random.org/passwords/ is a tool I have used with clients repeatedly over the years.

If you are still saying this isn’t for you, OK, then at the very least you should do the following. Create a memorable base that you will use over and over again, then add a unique ending that helps you identify each site. Record everything in a password notebook at the very least. For example, let’s say you attended Camp Redwoods as a child and no one else knows that. Your password for Microsoft could be ILoveCampRedwoods20msft, and then you could repeat this formula over and over again. That would be a bare-minimum but acceptable strategy.

Each password should ideally be 12 to 14+ characters long. Personally speaking, I have started making my passwords 25 – 30 characters long whenever possible. (This is very easy with a password manager.)
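If you are comfortable running a script, the rules above can be checked automatically. The Python below is an added example, not part of the original post: it audits a password notebook for reuse across sites, passwords under 12 characters, and personal terms, and it generates random passwords on your own machine with Python's `secrets` module as an alternative to a website generator. The function names, personal terms and notebook entries are constructed for illustration.

```python
import re
import secrets
import string
MIN_LENGTH = 12  # the post's floor: 12 characters or longer

def generate_password(length=16):
    """Random letters-and-digits password drawn from the OS CSPRNG."""
    if length < MIN_LENGTH:
        raise ValueError(f"use at least {MIN_LENGTH} characters")
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))

def _flatten(text):
    """Lowercase and drop punctuation so 'Maple Street' matches 'maple-street'."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def audit(notebook, personal_terms):
    """Return {site: [problems]} for a {site: password} notebook."""
    # Terms under 3 characters are skipped: they would match almost anything.
    terms = [t for t in map(_flatten, personal_terms) if len(t) >= 3]
    sites_by_password = {}
    for site, password in notebook.items():
        sites_by_password.setdefault(password, []).append(site)
    report = {}
    for site, password in notebook.items():
        problems = []
        if len(password) < MIN_LENGTH:
            problems.append(f"shorter than {MIN_LENGTH} characters")
        others = sorted(s for s in sites_by_password[password] if s != site)
        if others:
            problems.append("reused on " + ", ".join(others))
        hits = [t for t in terms if t in _flatten(password)]
        if hits:
            problems.append("contains personal term: " + ", ".join(hits))
        if problems:
            report[site] = problems
    return report

# Constructed sample data: terms a web search on yourself might surface.
PERSONAL_TERMS = ["Jordan", "Maple Street", "4217", "1984"]
NOTEBOOK = {
    "microsoft": "ILoveCampRedwoods20msft",  # the example from the post
    "bank": "Jordan1984!",
    "shop": "maple-street-4217",
    "forum": "maple-street-4217",
}

if __name__ == "__main__":
    for site, problems in audit(NOTEBOOK, PERSONAL_TERMS).items():
        print(f"{site}: {'; '.join(problems)}")
```

Run it only on a computer you trust, and do not keep the real notebook in the script file.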
