shutterstock_226282561 You’d think that Facebook CEO Mark Zuckerberg would understand the wisdom of strong passwords. But over the weekend, a group of hackers managed to access a handful of his social media accounts and vandalize them. The targeted accounts included Twitter, Pinterest, and LinkedIn. Tech-media outlets such as Engadget and TechCrunch have theorized that LinkedIn’s massive password breach is to blame; if so, that suggests Zuckerberg used the same password for multiple social-media accounts. The hackers themselves claimed that Zuckerberg’s LinkedIn email was “dadada.” Pro tip: don’t use “dadada” as a password. Hopefully Zuckerberg’s Facebook password is a little bit stronger. High-profile hacks and breaches present an excellent opportunity to review your password hygiene. Here are some things to keep in mind:

Track Your Old Accounts

Who uses MySpace anymore? Or Friendster? Or any of the dozens of social-media startups that have risen and imploded over the past decade? Even though you might have last logged into a particular account when George W. Bush was still in office, your info pertaining to that account is still in a database somewhere. With that in mind, pay attention to the news. If an ancient social network is reportedly hacked, take the time—even if it seems like an annoyance—to change your credentials on that site. (If you don’t remember the password, request a new one.) And if you haven’t changed your password to those old sites in a couple years, now’s the time to do so—preferably with a lot of numbers and special characters thrown in. The other solution, of course, is to delete your account on networks and sites you no longer use.

Strong Passwords

Most people don’t rely on strong passwords. Just take a look at the 25 most common passwords from 2015: a sizable percentage of Americans still rely on ‘123456,’ ‘password,’ and ‘12345678’ to guard their most valuable online information. Pro tip: don’t use “123456” as a password. If you have a hard time remembering long, complex passwords, this handy infographic from LifeHacker can help you build one that’s both memorable and secure. Try a “passphrase,” and substitute numbers and special characters for certain letters or words. (You could also try a password manager in lieu of remembering all your logins, although some people don’t trust them.)

One and Done

As the Zuckerberg case suggests, it’s a bad idea to use the same password for multiple accounts, as that can give a hacker access to your whole digital life. Make sure to use different passwords for all your accounts.

Double-Factor Authentication

Enable it, even if it’s annoying to check your phone for a new SMS code every time you log into a particular Website.