Which password practice is recommended for protecting personal information online?

Protecting personal information online relies on using complex, unique passwords for each account. A strong password, long and made from a mix of upper and lower case letters, numbers, and symbols, is much harder for attackers to guess or crack. Creating a unique password for every site means that a breach at one service doesn’t unlock access to your other accounts. This guards against credential-stuffing attacks and limits the damage from any single site’s breach. Practical steps include using a password manager to generate and securely store long, random passwords and enabling two-factor authentication wherever possible. Avoid sharing passwords, avoid simple passwords, and never reuse the same password across sites.