It's not an easy task keeping track of all of our usernames and passwords, and that's why many keep the same username and password for all of their online activity.  

"That's not at all advisable,"  said CSLEA Foundation Chairman Kenny Ehrman. "Unfortunately we have to mix things up, because if your login information is breached, you don't just have one account exposed, everything becomes vulnerable."

The Federal Trade Commission recommends that you:

·       Use multi-factor authentication when it's available.   Multi-factor authentication means you are required to submit additional information after your password, for instance a code that has been texted to your cell phone.

·       Create complex passwords.  That means more characters and using upper case, lower case, symbols and numbers. It's best to put non-lowercase letters in the middle of your password.

·       Carefully select the security questions associated with youronline accounts.  If your answer can be found in public records or on your Facebook page, don't choose those questions.  Also don't choose questions in which a identity thieve can guess the answers to, because of the limited number of answers, ie; the color of your first car or your favorite color.

If your username and password have been breached:

Change the password on your accounts and check your accounts for charges you don't recognize. 

(FTC - Passwords breaches - What to do)