It's still unclear exactly what passwords were stolen by Russian hackers, and how dangerous the breech might be. But whether or not you're affected, here are five ways to keep your passwords safe.
Use two-factor authentication
Passwords by their very nature are insecure. So many sites, including Gmail, Google, Facebook, and Twitter, offer two-factor authentication. That requires not just a password, but also information that you're sent in a variety of ways, such as via a text, or by a smartphone app. Yes, it's more work than just a password. But it's also very safe. For details about how to do it, check out this guide from PC World.
Don't use the same password everywhere
Remembering passwords is tough, particularly because you have so many of them. So you'll be tempted to use one or two for all of the sites into which you log in. Don't do it. If you do that and one of them is stolen, someone may be able to break into your accounts on other sites as well.
Use a password generator
If you're worried about someone breaking into one of your accounts by cracking your password, you'll need to build strong passwords. That can be hard to do by yourself. There are quite a few programs that will do it for you. Norton has a free safe password generator online that you can use. From the same site you can download the free Norton Identity Safe that stores them for you.
Change your passwords regularly
If you regularly change your passwords, you may be able to limit the damage if one of your accounts has been breached. Not uncommonly, it can take quite some time between the time when an account is breached, and when that information is made public. So if you change your passwords regularly, any breached accounts will be vulnerable for a lesser amount of time.
Watch out for signs of breaches
There are a few things you can do to check whether an account of yours has been breached. Regularly check your credit card statements and bank accounts for unusual activity, and call immediately if you find any. And check to see whether there are updates or posts to any of your social media accounts that you didn't make.