Use unique passwords for important accounts

It is good to use different passwords (and different recovery question/answer combinations) for your important accounts.  Many of the data breaches in the past year have shown that people use the same passwords for multiple accounts.  The problem arises when different websites use different levels of security to store these passwords.

For example, a banking or health insurance website would use much greater level of security to store your password and data than a blog or online newspaper might use.  If you use the same password (or password recovery question/answer combination) for your bank as for your blog account, you are at risk in the event that the blog gets hacked.  Criminals routinely try username/password combinations that they steal from lower-security websites to see if the same combinations work in higher-security websites such as banks or health insurance webpages.

Criminals will often also try variations of passwords that they steal. For example, if the password that was stolen is boston1, criminals will use specialized software to automatically try boston2, boston3, etc.  – so your passwords should ideally be significantly different from one another.

Keep your important account passwords separate from your low-security/less important website passwords.

Back to how to create a good password