Generate randomized, strong, secure passwords.
Change your passwords periodically.
Never use the same password on multiple sensitive accounts.
Use a password with at least 16 characters. It should contain lowercase letters, uppercase letters, numbers, and symbols.
Refrain from saving your password in a web browser (Firefox, Chrome, Internet Explorer, Safari). Instead, use a tool which manages an encrypted password locker.
Do not log into sensitive accounts while connected to a public Wi-Fi hotspot.
Check that you are using a secure (HTTPS, SSH, SFTP) connection before transmitting your password over the web.