Today is officially World Password Day, the day to finally drop your bad password habits. No more using “sunshine”, “iloveyou”, or “!@#$%^&*” any more and to remove those sticky notes under your keyboard with passwords on them. And yes, those are some of the most used passwords today. I know you felt clever when you thought no one would figure out “!@#$%^&*”, but don’t worry, you can fix this today and I’ll show you how!

Step 1: Get a password manager

There are many out there for single users, families, and teams so you can keep your entire office secure. PC Magazine has reviewed the most popular password managers so you will find one that has the features you’re looking for. We tend to favor LastPass, but pick the one that inspires you to use it.

Start by adding your logins and changing the passwords as you add them. The tools have built in password generators that makes this process easy. Start with the important accounts, banks and credit cards, and don’t get discouraged if you don’t get all your accounts added right away. As you visit the sites, your password manager will ask you if it would be ok to remember your password and will tell you that your password is not complex enough. Be sure to not use the same password for different websites.

Step 2: Enable Multifactor Authentication

Enable multifactor authentication with any accounts that let you. This is an added layer of security in case the password gets exposed somehow. We recommend using Authy for any services that use Google Authenticator. The advantage to using Authy is that you can backup your accounts which will save you hours if you lose or replace your phone.

Step 3: Check to see if your information has been compromised

The last thing you should do is keep up with website breaches so you’re notified if a website you use gets compromised in the future. You can do this for free using Have I Been Pwned. While you’re there signing up, put in your email address to see if your account has already been compromised. If you see anything, be sure to change those passwords right away and add them to your password manager.