Hackers have exposed millions of passwords from Facebook, Google, and Twitter.  In general, it seems, passwords just don’t do the job anymore – many experts believe two-factor authentication needs to become the norm sooner rather than later.

But for now, there’s a lot you can do to create better passwords that improve your odds.  Here are some expert tips:

• The longer the better.  The strength of passwords increases exponentially as their length increases.  An eight-character password is far, far better than one with six characters.
• Be sure to use all the characters at your disposal.  Ideally, a password will include upper- and lowercase characters, at least one numeral, and at least one special character.
• Don’t use the same password for all your accounts.  If you do and one password is compromised, you are in deep trouble.  While it may be impracticable to create a brand-new password for every single account, experts say you should have at least three: one for relatively low-risk uses, such as online bulletin boards; one for midrange security, such as online shopping accounts; and one highly complex password for high-risk activities like Internet banking.
• Because long passwords are hard to remember, consider a passcode.  This is a phrase that you can remember but that will be virtually impossible for others to guess.  For example, you might start with the phrase “Brady 12 is the man,” and twist it to brady12daMAN!  Note the upper- and lowercase letters, numerals, and special character.
• Never use the following in your passwords: Your date of birth, your pets’ or children’s names, your date of birth, your college mascot, or your spouse’s name or birth date.