Create Strong PasswordsIdeally, passwords should be over 8 characters long. They should use a combination of lower case letters, upper case letters, numbers, and symbols. The more random the password, the harder it is to crack. More on this shortly.
Weak Password: johndoe
Much stronger: J0hn*Do3
Update Your Password OftenThe more often you update your passwords, the less likely that you'll be to fall victim to hacking.
Never Use Common PasswordsYour partner's name, child's name, pet's name, sports team, last four digits of your social security number, city, college, date of birth, or common words/combinations like "god", "love", "password", "1234", or "qwerty" are all the first thing a hacker will guess.
Use Different Password for Different WebsitesIf you use the same password for your online banking as for your sports chat forum, you are opening yourself up to an attack. Hackers will never target websites with strong security systems like your bank. Instead they will aim for smaller sites like forums or e-commerce sites. If they can attain those passwords, the chances of them having your banking password suddenly skyrockets.
You may be saying, "but how would they get me forum password?". A simple "brute force" attack in which a server is bombarded with thousands of possible passwords for your account are very common. To a hacker it is as simple as telling a program to do it in the background while he watches TV. And these programs are very common, easily downloadable from a number of websites.
You may be saying, "But how do they know what my username is on these websites?". Finding your login ID on these sites is generally as easy as going through your cookies or web browser's cache. Most insecure website will routinely leave this information unencrypted. And if you've ever used a public computer, you're essentially handing that information over, as if it wasn't easy enough to get!
So do yourself a favor and use different passwords for different websites. Clear your cache and cookies often, and be very prudent when using public computers.
Password Cracking Explained
In a brute force hacking attack, three simple character changes is the difference between 2.23 hours and 2.21 years to crack your password. For a standard 7 letter password with just lower case letters, there are 8,031,810,176 possible combinations. That may seem like a lot, yet it would only take 2.23 hours to crack such a password using password cracking programs easily available over the web. Adding just 1 number, 1 upper case letter, and 1 symbol results in the password taking 2.21 years to crack.