As we move more and more aspects of our life online, from banking and money transfers to social networks, the paranoia about keeping info and devices safe has never been higher––and with good reason. Last year nearly half of adults in the U.S. were hacked, potentially exposing their personal and financial information online. 

The tools that hackers use to take over your computer or steal information are getting more sophisticated, too. (You can see this up close in the new Norton documentary In Search of the Most Dangerous Town on the Internet.) One study found that malware increased by 26 percent in 2014, with Trojans still the most popular attack. 

While there’s no guaranteed way not to get hacked, as we move more of our every day online and hacking gets easier, here are some measures that you can take to keep your information more secure. 

Be Smart About Passwords

At this point, you should know that using something like “yourfirstname1234” as a password is not the greatest choice for keeping information safe, but a surprising number of people are still lazy about security. According to information released by password management company SplashData in 2014, “123456" was the most common password of 2013, followed by “password” and “12345678.” Using a password as basic as these is essentially asking to be hacked. You should also be careful about easy-to-guess passwords that use recognizable words like your first name, birthday, pet name, or the type of car you drive. 

Many websites require users to make a password of at least eight characters, but according to one study, your password should be upwards of 12 characters long and include letters, symbols, and varied capitalization to avoid getting hacked. You can download a number of password managers that will generate and save good passwords for you, including Dashlane, 1Password, and Norton Identity Safe. 

Although many people use online password managers like these, Mark Weinstein, a leading privacy advocate and founder of private social media platform MeWe, said he doesn’t recommend storing any passwords online, no matter how secure the service might be. He recommends physically writing down passwords or keeping passwords in an encrypted file saved to your computer. 

“The couple big mistakes people make are the simple ones,” he said. “They use the same passwords, and they don't understand a bot is the one hacking their password, and the bot is just working until it cracks it.”

He added that users should be sure to use different passwords across all platforms online. If not, someone could hack into something more benign like your Twitter account and end up in your bank account. 

Similarly, Weinstein said people should not use Facebook or Twitter credentials to log into any additional sites. Doing so leaves users especially vulnerable––hacking into your Facebook gives them access to any other account you have connected, which could include banking information and other sensitive data. For a quick and easy privacy update, check your “app settings” on Facebook to see what sites you have logged into using Facebook credentials. Unlinking these accounts is an easy way to make yourself a smaller target for hackers. 

Use Two-Factor Authentication

Take your password game a step further by using two-factor authentication, which essentially a second lock on online accounts. Even the best passwords are relatively easy to figure out, and requiring a second step can keep hackers out of your accounts. The second step usually includes entering a pin sent to your phone, or generated by a third party app like Google Authenticator. 

Many sites, including Google, PayPal, Twitter have the possibility of two-factor authentication. Opt into two-factor authentication for as many services as possible to increase your online security. 

Outsmart Spammy Emails

Most emails have spam filters, but for messages that make it into your inbox anyway, keep in mind that you shouldn’t trust anything that tells you your password needs to be updated and never download a file from an unknown sender.

“If you ever get an email saying that you've been hacked, you're about to be hacked,” said Luke Fitzpatrick, co-founder of CodeCloud, a tech platform for collaborative developments. “Double check the domains, to make sure you are receiving emails from the correct domain name.”

That means checking that something from Microsoft is actually from Microsoft and not an address that may appear the same at first glance like “Microserf.” Also make sure emails come from an official domain name like “info@microsoft.com” and not info@microsoftcustomerservice.com

Be Careful About Where You Connect

A major risk factor in online security many people underestimate is connecting to random WiFi networks. The convenience of an open WiFi connection at every Starbucks you pass or in an airport during a long layover may seem tempting, but it comes at a big cost to your security. 

Weinstein said WiFi is a port “straight into your smart device or laptop,” and using an unfamiliar network can put users at risk for viruses like ransomware, a kind of malware that hijacks your computer system and demands you pay a ransom to unlock it. 

“When you use public WiFi, you’re automatically at risk,” Weinstein said. “There are also faux WiFi systems set up so it looks like the right network. You check into a hotel, you walk into a Starbucks, and you look for the open WiFi and you can click on one that’s a fake one that looks like it’s the Starbucks one when in fact it’s not. Then you’re immediately in the hands of the hackers.”

Weinstein suggests using your phone as a secure WiFi hotspot, or purchasing a mobile hotspot like Verizon Jetpack or using a VPN instead of using public networks, which can cost as little as $20 a month and keep your devices much more secure.

Use Known Virus Detection Software

There are many expert tips for keeping your information safe from hackers, and companies like Norton offer a plethora of antivirus protection products, but at the end of the day, Weinstein said common sense is the most important tool for keeping your devices and information safe. 

“The hackers, just like any bad guy, are going to the low hanging fruit,” he said. “They’re going to go for the back door that’s open or the window that’s not latched,” he said. “They’re going to the easy hacks. So the responsibility for each one of us is to not be the easy hack.”