A short password, or one using a name or a word in a dictionary, can be easily cracked by computers. And simply adding “@” for the letter “a” isn’t going to fool the bad guys. Here’s cryptographer and computer security expert Bruce Schneier’s advice on using and managing your passwords. 1. Use a “passphrase”: a sentence you can remember. Then replace each word of the phrase with its initial, a similar digit or symbol, or, at random, use a whole word. For example: MY DOG NATE WOOFS AND RUNS IN HIS SLEEP m d N8 w @ r ! h s The new password is mdN8w@r!hs. (Don’t use this one, though.) Related: How safe is my data? 2. That may still be tough to remember. If you need to, write a reminder and hide the paper somewhere safe. But write the phrase or a hint, not the password. 3. Generally, if you have a strong password, you don’t need to change it unless you suspect you’ve been hacked. But don’t use the same one for different services.