Poppa -

And don't use the same mother's maiden name for two accounts.

Never use the same password on two accounts.

Passwords:

Some sites limit the number of characters you can use in a password.

If they allow five or fewer characters, you should always try to include a mix of numbers, letters, (and characters like #!(_) if the site will let you).

Even substituting "obvious" number/letter changes - e.g. like "R1d3rs0fTh3Purpl3Sage" - multiplies the number of combinations that a "cracker" has to run through to discover a password by at least 10! = 3,628,800 (x the [number of chars]! for the password length), which takes a few more seconds to break your password.

You should always keep a record of your passwords and challenge/response questions/answers, but if you keep the record in a "plain text" document on your computer, anyone who gets into your computer can find and read it.

a. A marginally safer record would consist of all your passwords etc pasted into a graphics program and stored only as .jpg/.gif/.psd "images." OCR readers can break this, but they're significantly more difficult to "automate" so only a very few cases of crackers "reading graphics" have been seen.

b. All recent Windows OS versions let you put a password on an individual file or folder. This protection is considered "very strong" and keeps your passwords quite safe, but password protected files can be "brittle" in some cases, so that even you may not be able to access a "backup" of a password protected file, and almost never will be able to read anything "recovered" if a drive goes bad.

c. There are a number of good "password manager" (and some less good) programs that can keep track of all your passwords, safely and strongly encrypted, and enter them automatically when needed. These probably are justified only for people who have a wh0l3l0t0fpa55word5 they need to keep track of.

John