Account security basics
Password Safety Checklist
A strong password generator is useful, but it is only one part of account security. Use this checklist to create better passwords, store them safely, and decide what to fix first after a breach or security scare.
Use a unique password for every important account
Reuse is the biggest everyday risk. If one site is breached, attackers try the same email and password everywhere else.
Make generated passwords long enough
For most accounts, use at least 16 characters. For financial, email, cloud storage, and admin accounts, use 20 or more.
Store passwords in a password manager
A password manager lets you use strong, unique passwords without memorizing them. It also reduces the temptation to reuse easy passwords.
Turn on two-factor authentication
Use an authenticator app or hardware security key when possible. SMS is better than nothing, but app-based 2FA is usually stronger.
Replace breached or reused passwords first
Do not rotate everything randomly. Prioritize email, banking, password manager, cloud storage, social accounts, and any reused passwords.
Keep recovery options current
Check backup email addresses, phone numbers, recovery codes, and trusted devices before you urgently need them.
What to do after a breach
If a service tells you your account was affected, change that password immediately and check whether you reused it elsewhere. Then turn on 2FA and review recent account activity.
Start by generating a fresh password on the main generator, then store it in your password manager before logging out of the breached account.
Learn the basics
Read the guide to creating strong passwords that are hard to crack and easy to manage.
Choose safer tools
Compare password managers, VPNs, and account-security tools without chasing hype.