Three simple tips to help protect and keep track of all your online log-in info.

Do I really need several different passwords?
Yes, you should have a unique password for every online account, even the retail ones, because scammers have been known to hack into those, too. To be extra safe, you should change your most important passwords—those for e-mail, financial institutions, and sites like PayPal—every 6 to 12 months.

How can I remember all my passwords?
Good news—you really have to commit only one to memory. Create a Google document at (The password to this secure account is the one to remember.) In the file, list all your log-in details, including screen names. You’ll be able to access it from anywhere in the WWW (as in whole wide world).

What is the key to coming up with a secure password?
Length. Use 10 characters or more, says Mark Burnett, author of Perfect Passwords (Syngress, $26, “Best are passwords that consist of a few parts”—words, prefixes, spelled-out numbers. Good examples: bluebananas and skyisfalling. “They’re easy to remember, and when you’re prompted to switch your password, you can just swap out one chunk,” he says. With this method, foursaltypeanuts becomes foursaltycashews.