SALT LAKE CITY — Nearly everyone takes care to lock their doors and keep the keys safe, but when it comes to digital keys, we're often far too cavalier.

Passwords are our digital keys and proper care of them is critical to protect our identities, our reputations and even our money. Without extra precautions, anyone who has your password can pretend to be you and download your files, transfer your money, send emails or post on your social media — from anywhere in the world.

Security experts give a lot of advice on passwords, but it can often be so complex and burdensome that it becomes unreasonable for the average Joe.

By understanding and practicing a few simple principles, you can keep yourself much safer. Here are six practical ways to keep your password secret:

1. Identify which of your accounts need the most protection

It's probably obvious that your online banking passwords (including credit card accounts) are pretty important. However, your email password is also critical. If someone gets control of your email, they will be able to reset most of your other passwords and take control of multiple accounts.

Nowadays, every little website or app requires you to register with a password. Most of those passwords, however, aren’t protecting much more than your settings or the high score on your game and don’t need as much care.

2. Make important passwords difficult to crack

Your most important passwords need to be difficult to crack by both someone who knows some things about you and computers that can make billions of guesses in a second.

Unfortunately, many people use common passwords like “12345," "password” or similar patterns that can easily be guessed by anyone, even without any knowledge of the password user. Password-cracking programs often use dictionaries of words, names and other stolen passwords, making it a cinch to break most common passwords.

A strong password needs to have certain characteristics:

• The longer it is, the stronger it is. 6 characters is pretty weak. 14 characters is very strong.
• The password should look random. It shouldn’t be made with common words or patterns and shouldn't be your birthday, address or other facts about you.
• Adding numbers, symbols and uppercase characters increases strength.

This may make it more difficult to remember the password, but here is a simple trick that can help:

Think of a phrase. Something easy to remember, but unique. For instance, “Row, row, row your car gently down the street.” Now take the first letter of every word: “rrrycgdts.”

This is 9 characters and looks random. Adding a few numbers would make it even better. You could do this with a favorite or meaningful number or by modifying your phrase. “Row, row, row your 5 cars gently down the street” becomes “rrry5cgdts.”

Related:

5 ways to keep yourself safe from hackers in 2017

As our lives become more digitized, 2017 is bound to bring more breaches in security. Here are five ways to secure your digital life and keep your personal information where it belongs this year.

3. Never use the same password twice

This is probably one of the most important, yet unheeded, pieces of advice.

When passwords are stolen, they are usually shared with other hackers. So if you use the same password to register for myPrettyPony123.com as you do for Gmail, then when myPrettyPony123.com is hacked, the whole hacker underground can also gain control of your Gmail account, bank accounts and more.

The best way to remember hundreds of unique passwords is to use a password manager (we'll go into more detail on that later), but you can also create a simple pattern for less secure websites and use a few very unique, strong passwords on the critical sites you’ve identified.

To create a simple pattern, combine a reusable, random-looking string of letters and numbers with something that is unique, but easy to remember for the website.

For instance, brg354 may be the initials of your fish, dog and cat, and the last digit of the year that you got them. Then for myPrettyPony123.com, you could add the first letters of the words of the website (“mpp”), so your password would be brg354mpp and funBeanyBabies.com would be brg354fbb.

This prevents one stolen password from giving hackers access to all your accounts. However, make sure you don’t use this same pattern with important websites.

It would be easy for a human who is targeting you to guess one password from the other. Only use this technique with simple web registrations that are not protecting important data.

4. Don’t click on links and then enter in your name and password

A favorite tactic of hackers is to send an email that looks legitimate with a link to a reputable-looking, but fake, website. Their goal is to get you to enter your username and password into the fake site that they control. If you do, they'll have access to any accounts with that username and password. These types of emails are called phishing attacks.

One easy way to avoid this is to log in using your own bookmarked site or to type in the website into the address bar. From there, you can use the site menus to get where the link was supposed to take you.

You can also learn to carefully read the URLs to ensure you are on the correct site before entering a password, though phishers are very devious and can easily fool you if you aren’t an expert at reading URLs.

Related:

7 ways to keep you and your computer safe from malware

In the wake of hoaxes like the Google Doc scam, gone are the days when anyone could open an email and know they were protected from disastrous results. Here are seven ways to keep you and your computer safe.

5. Turn on two-factor authentication

Websites that handle a lot of personal information like Google, Yahoo, Facebook, Apple and some banking sites now offer a security feature called two-factor authentication or multi-factor authentication.

This combines something you have (like your mobile phone) with something you know (your password) so that, even if someone hacks your password, they can’t get into your accounts because they don’t have your phone.

If you turn on two-factor authentication for Google and then try to log in to your Google account from a computer you haven’t used before, it will ask you for your password, then send a message to your phone. You will either have to enter a code from the phone message into the Google login or you can set it up so you only have to press a "yes" button on your phone.

This site can help you set up two-factor authentication for different accounts that offer the service:

Two Factor

Password managers are fairly self-explanatory — they are tools to help you manage your passwords. There are browser extensions, websites and apps that help you generate, remember and enter passwords.

This makes it really easy to create long, random, unique passwords for every site. There are free ones and paid ones, as well as ones that store your passwords locally or in the cloud. To learn more about the options available, check out these two reviews:

• Tom's Guide
• PC Mag

Browsers also have limited password managers that offer to save your passwords for you. They are not considered very secure and are meant more for convenience than security.

It is fine to use them for less secure sites, but you may want to think twice before using them for critical things. Especially when someone else, perhaps a burglar or visitor, might be able to access your computer.

While a password breach is something most assume won't happen to them, if it does, it can wreak havoc on everything from personal finances to identity. Password safety doesn’t have to be overwhelming, but it does pay to take a few, precautionary steps to ensure your safety.

Darren Croft has a masters degree in Electrical Engineering, is CIO of a small, local business and is President of Qualint. Reach him at dvcroft@gmail.com