With the myriad of online accounts we all have, it’s far too convenient to just choose a password we can remember and use it everywhere. This presents a huge problem. If a service you use is compromised and your email address and password are leaked, every online account you have is now free for anyone to access.

To avoid a nightmare scenario like this, you need to secure your online accounts. Here are some top tips to do just that!

Use a Unique Password for Every Account

This is the bare minimum effort you should take to ensure that your online accounts aren’t all tied together with the same password. A unique and strong password protects your account from brute force attacks which is when a program constantly tries logging into your account with a different password until it guesses correctly.

To give you an idea of how strong a password should be, take a look at how long the passwords below would take to crack using modern brute force strategies.




0 seconds


58 seconds


3 minutes


4 hours


3 trillion trillion years

“But how will I remember all of these passwords” I bet you’re asking. Well, that’s covered with our next tip…

Use a Password Manager

A password manager is the best way to store your passwords. When you choose a reputable provider of such a service, your passwords will be stored using powerful encryption methods such as AES-CBC 256 bit and PBKDF2. This means that attackers will never have access to plaintext passwords and would have to spend years trying to crack them.

The best password managers will also autofill login forms around the web for you so you don’t even have to know them. This enables you to use strong and unique passwords for every single website.

If you’re wondering which password manager to use, here’s a handful of our favorites:

  • Bitwarden. Open source and feature packed, highly recommended! Download here.
  • LastPass. Amazing support for many devices. Download here.
  • 1Password. A great choice for businesses. Download here.
  • KeePass. Almost two decades old with great extensions. Download here.

All of these great password managers offer software and browser extensions for your convenience.

Use Two-Factor Authentication

Whilst a unique and strong password are great, you still can do more to secure your online accounts.

Possibly the best method of stopping hackers in their tracks is two-factor authentication. This is when you (the account owner) have to verify a login attempt with your cell phone, which only you have access to.

This means that even if someone else has your email address and password, they still cannot gain access unless you approve it. Approval is usually done by checking “yes” or no” in an app or typing in a code the app provides you.

How two-factor authentication works
Thanks to Marshall University for the image

There are many mobile apps available for two-factor authentication, but these are the the few we’d recommend:

These great apps all provide a backup and sync feature (be sure to enable them!) to bring your codes between devices.

We strongly advise against using ‘Google Authenticator’ as it does not provide are backup feature. If you lose or break your cell phone, your codes are lost.

Now that you’ve created strong and unique passwords for every account, stored them in a password manager and secured everything with two-factor authentication, your accounts are much safer. There are few other things you should be doing to stay safe online as well, these are:

  • Install an anti-virus and keep it updated
  • Turn off the save password feature in your web browser (no longer needed!)
  • Use a different email address for different types of accounts (unique email for banking)
  • Be careful what you click, especially in emails. Read more about phishing
  • Change your passwords regularly

Congrats! You’ve now protected your online accounts like a pro!