Password management tool NordPass recently released their list of the worst 200 passwords of 2020, based on how often they are used and easy they are to crack. According to their rankings, a simple string of numbers takes the top spot: “123456.” Over 2.5 million users had this password, and it was so easily cracked that these passwords were exposed a whopping 23.5 million times this year alone. In fact, most of the passwords in the top 200 were beaten within seconds, making millions of accounts easy targets for hackers and identity thieves.

Passwords are something that everyone needs, but no one wants to deal with. Even if you don’t spend a lot of time online, you can easily build up dozens or even hundreds of passwords across the many websites, apps, and services that you use on a regular basis. To keep it from becoming frustrating, people often make them as simple as possible and use the same one across numerous websites. But with security breaches becoming more frequent, it’s more important than ever to have strong and varied passwords in order to keep your personal information safe.

Here’s some important password advice for keeping your data secure.

Avoid Simple Number & Letter Sequences

Look over the previously mentioned “Worst 200 Passwords” list and you’ll notice several common trends. One of the biggest mistakes that people tend to make is that they’ll use a simple number or letter combinations, often ones that follow in sequence on the keyboard (i.e. ‘123456,’ ‘qwerty,’ or ‘uiop’). If you can enter your password by just running your figure down the keyboard without looking, it’s too simple. Not only are they obvious, but they don’t even take advantage of the simple benefits of having a mix of numbers and letters or lower- and upper-case symbols.

Don’t Use Personal Identifiers

It makes sense that people would use passwords that are personally relevant to them, since it makes it easier to remember. However, if someone’s trying to get into your account, what’s helpful can quickly become a hinderance, especially if you have common names like ‘ashley,’ ‘michael,’ or ‘charlie.’ You should also probably avoid using numbers like your birthday or your social security number, because while they might not be as easy for a stranger to figure out at random, these identifiers are obvious choices for someone who is specifically targeting you.

Stay Away From Common Words & Phrases

Though they might not be personal identifiers, certain words and phrases are used so often for passwords that they might as well be. Maybe you use your favorite sport (‘football,’ ‘baseball,’ ‘soccer’) or something from pop culture (‘batman,’ ‘avengers,’ ‘pokemon’). Perhaps it’s just a common word (‘princess,’ ‘monkey,’ or ‘sunshine’) or phrase (‘Iloveyou,’ ‘letmein’). They might be easy to remember, but it’s better to avoid using actual words. Especially ‘password.’

Use Unique Passwords

Ideally, you should have a unique password for all of your most important online accounts, especially for email and online banking. While you might be able to get away with reusing passwords for less important websites that don’t contain any personal or financial information, you should never do this for an account that truly matters. Additionally, if someone does manage to get into one account, they might try using the same password on other platforms and services just to see if they get lucky.

Remember: variety is the spice of life AND the key to password security.

Practice Caution While Away From Home

Even if you use strong and unique passwords across all of your important accounts, you can still open yourself up to criminals and hackers if you don’t practice good cyber hygiene outside of your home. If you enter a password while using an unsecure wi-fi connection, someone could potentially get a hold of your information, which means that it doesn’t matter how strong your password is. Also, if you use a public computer, make sure that you don’t choose to save any of your passwords since someone else could potentially use them without your knowledge.

Consider Using a Password Manager

Password managers are a type of software application that offers both security and convenience by saving all of your passwords under one single account with a “master” password for all of them. When you log into a site, you just need to remember the master password and you’re good to go. Some might argue that this has its downsides, since it means that if someone were to get a hold of your master password, they’d have ALL of your passwords. Yet since you only have one password to worry about, you can make it especially lengthy and strong to dissuade hackers. You can also enable two-factor authentication to add further security.

Ultimately, while there is no “perfect” or “unbreakable password, by avoiding a few common pitfalls and making some smart choices, you make your accounts a little bit safer.