The massive Yahoo breach that has impacted hundreds of millions of users is shining a glaring spotlight on the careful art of creating a password that is secure yet easy to remember.
Coming up with one good password isn't enough, though. Every account you use should have a different password, meaning the typical internet user may have at least a dozen different passwords to recall.
Robert Siciliano, CEO of IDTheftSecurity.com, told NBC News a good password is "one that you can remember, that is hard to guess and hard to crack."
"The new school of thought revolves around a phrase that includes upper case and lower case letters, a number and a character," he said.
For instance, if you can never get enough sushi, you should remember the phrase, "I love sushi." That can be made more secure by making every other letter lower case, adding your lucky number and punctuating it with an exclamation mark.
That password would look like this: IlOvEsUsHi7!
We're human, though, and sometimes we forget things. With secure, unique passwords created for your Facebook, Twitter, Gmail, Amazon, banking and any other accounts, it's also a good idea to rely on a password manager, Siciliano said.
"A password manager is, in my opinion, the single best use of your time and money as far as information security and identity theft prevention is concerned," he said.
Password managers can help you generate secure passwords and can store them in an encrypted virtual vault, allowing you to access them with a master password. They'll also log you into your most frequented sites, helping to save you the headache of remembering and typing in your password.
LastPass, Dashlane and 1Password are examples of popular free password managers. The companies also offer premium services for a small monthly fee ($1 to $3), such as syncing your passwords between your desktop and phone.
In addition to a password manager, Siciliano said it's also a smart idea to keep a master list in a password-protected Excel spreadsheet.