Regular readers of PCMag know that we strongly advise using a complex and unique password for every website, and that the only way to do this is with the help of a password manager. Loading that tool with all your passwords is a good start, but the job doesn't stop there. You're not fully protected until you replace every weak and reused password with a unique password that nobody could guess, and that not even you could remember. A brute-force password cracking attack might well hit on a password like Rover, but it will fail when the password is something like ApiDiS57IhY1M#t%qIEg.