Javascript is not enabled.

Javascript must be enabled to use this site. Please enable Javascript in your browser and try again.

Skip to content
Content starts here
CLOSE ×
Search
CLOSE ×
Search
Leaving AARP.org Website

You are now leaving AARP.org and going to a website that is not operated by AARP. A different privacy policy and terms of service will apply.

5 Habits That Help Keep Your Passwords and Other Data Secure

After creating unique, longer passwords for all your accounts, your work isn’t done


spinner image a phone with a lock on it
Photo Collage: AARP; (Source: Getty Images (3))

The number of publicly reported data breaches, exposures and leaks increased by 78 percent in 2023 — a leap not altogether expected because of a slight decrease in cases from 2021 to 2022, according to a report from the nonprofit Identity Theft Resource Center in El Cajon, California.

If your personally identifiable information such as name, address, account numbers, email addresses, health data, login information, Medicare ID, passport numbers, passwords, Social Security number or telephone number was among the more than 350 million records that were copied, inadvertently exposed or even ransomed, taking immediate steps to prevent identity theft is paramount. 

Having your name and address on the dark web might not be much of a problem by itself; that information used to be publicly available in the phonebook. But when scammers can match data with other pieces of information from your life, the risk increases that they could impersonate you elsewhere or target you personally for fraud.

Artificial intelligence (AI) helps that linking happen more quickly. Some people last year had data stolen two or more times. The number of people living in the U.S. is less than 340 million, the Census Bureau says.

Even if you’ve managed to slip under the radar of the worldwide web of hackers, you should make a vow to create stronger, more secure passwords to keep your data safe. After you’ve altered your scores of passwords to be lengthy and unique, you’ll still have to take steps to make cybersafety second nature.

1. Know how to lock your docs

If you’re used to writing passwords on sticky notes, you’re not alone. Nearly half of Americans age 50 to 64 say they “always,” “almost always” or “often” write down their passwords, a practice that makes security experts cringe, according to a Pew Research Center survey in October 2023. That percentage jumps to nearly two-thirds of respondents 65 and older.

Rather than writing passwords on a sticky note, some people keep a list of passwords on their computer in a spreadsheet, word processing document or notes app. If you do, encrypt or lock the file.

Here’s how:

  • On a Windows PC in an open Microsoft Word document, click File | Info | Protect Document | Encrypt with Password. Then create a password.
  • On a Mac with an open Word document, click on Review | Protect Document in the ribbon atop the story. You can set a password to open or modify the document or both. Hit OK.

For Mac users who have Pages as a built-in word processor, choose  File | Set Password and enter a desired password. You’ll be asked to type it a second time. Apple recommends adding a password hint. You have the option of checking a box to save it to your iCloud Keychain, a built-in password manager for Apple devices, then click Set Password.

2. Change your passwords regularly

If you work or worked recently for a large company, you probably were required to change your password every 90 days. You may have seen a countdown calendar tucked among the many icons on your computer screen.

Cybersecurity experts remain divided on the frequency of modifying passwords, but most suggest every three months. Set a calendar reminder or think about it as part of your routine when the seasons change.

If you learn either through news reports or notification from a company whose systems were hacked that your account was compromised, change that particular password immediately — and maybe some others if you’ve been a password recycler. Don’t delay.

Making minor changes to an old password is not helpful, the National Institute of Standards and Technology says. Attackers can apply the same minor tweaks to gain access to your accounts.

3. Install antimalware apps, keep them updated

If you don’t have antivirus software on your devices, install reputable apps such as Bitdefender, McAfee or Norton, to protect you from ransomware, spyware, Trojan horses, viruses and worms. Device manufacturers, eager to tamp down attacks on their equipment and their reputations, are including more of this security free with purchase.

Whether you decide to add third-party protection for a subscription or stay with what’s free, keep the software updated. You can set your devices to automatically update operating systems and antivirus software, so you don’t have to remember. Set updates for your hardware, too, such as a wireless router and printer.

4. Use two-factor authentication or a VPN

Make it tougher for cybercriminals to access your online accounts by adding a second layer of defense. Multifactor authentication, also known as two-factor authentication, adds a layer of security on top of your password or biometrics with a onetime code typically texted to your mobile phone, sent to your email account or even called via voice bot to your landline telephone.

Or you can opt for a virtual private network (VPN) that connects to a secure, encrypted server, keeping you anonymous and safe even if you’re accessing  public Wi-Fi.

5. Be prepared for your death

After years of online activity, our digital footprints become our legacy of sorts.

Getting your accounts organized and your passwords secure will help your loved ones deal with your affairs when you die.

Some websites and password manager apps let you identify a digital beneficiary to access your accounts. The key is to let that person know in advance, so they’re prepared to follow your wishes and can access your digital vault.

Unlock Access to AARP Members Edition

Join AARP to Continue

Already a Member?