Sharing passwords has become a very common practice among those who use the internet. Whether they’re sharing the same password to different websites, or sharing their account information with family and friends, sharing passwords can lead to dangerous situations for unsuspecting individuals.

“Sharing passwords is probably more common than we’d like to admit,” says Harrisburg University cybersecurity professor Terrill Frantz. “Sharing a password is like sharing a key to your house, in that you’re trusting the person you’re sharing it with to not use it maliciously.”

In a 2019 Google/Harris survey on online security that polled 3,000 adults age 16-50, 52% of people said they reused the same password for multiple accounts. 13% of people said they reused the same password for all of their accounts. This can be very dangerous because if a hacker gets access to an account that shares the same password with other accounts, they can suddenly have access to some or all of your information.

“The best safety tip is to not share your password,” says Frantz about the safety of passwords. “The reality, however, is that most people do share them, so the number one rule is to not use a simple word or phrase for your password. The more complex your password is, the better.”

He says a very popular technique is for users to think of a sentence, and then take the first or last letter from each word in the sentence and combine those letters to create your password. Using symbols and punctuation marks in your password makes them even stronger.

Netflix is the biggest example of a company cracking down on password sharing, sending pop-up messages to users who they believe are sharing accounts. Users must verify their account by obtaining an e-mail or text code. Netflix loses billions of dollars a year in revenue due to account sharing.

Frantz also says check to make sure websites aren’t displaying your personal information out in the open. Companies should be storing information like credit card numbers confidentially, so if your account gets compromised, the hacker(s) won’t steal your most personal information. This also applies to sharing your account with others, meaning they won’t have access to that personal information either.

He says that users should be using two-factor authentication to help secure their accounts even further. Account information is valuable, and people should be doing everything they can to help protect themselves and their information.