HOW-TOMay 20, 2025·5 min read

Password Hygiene Checklist: 15 Things to Fix This Weekend

Fifteen concrete steps to go from average password hygiene to above-average. Most take under five minutes each.

Do these first — highest impact

  1. Check your email password against breach databases. Your email account is the master key — reset every other password from it. Run it through PassGeni's breach checker now. If it's been compromised, change it before anything else.
  2. Enable 2FA on your email account. Use an authenticator app, not SMS. Google Authenticator, Authy, or 1Password TOTP. This single change eliminates the most common email account takeover vector.
  3. Install a password manager. Bitwarden is free and excellent. 1Password is $3/month and has better UX. This is the infrastructure for everything else on this list.
  4. Change any reused passwords. Search your password manager (or Chrome's Password Checkup) for passwords used on more than one site. Change each reused password to a unique one generated by PassGeni.
  5. Check your most important passwords against breaches. Banking, work email, cloud storage, social media. If any appear in breach datasets, change them immediately.

Do these this month — medium impact

  1. Enable 2FA on your financial accounts. Bank, brokerage, PayPal/Venmo, cryptocurrency if applicable. Use authenticator app over SMS.
  2. Run a bulk password audit. PassGeni's Password Audit Tool checks up to 10 passwords at once for entropy, breach exposure, and pattern weaknesses.
  3. Update your 5 weakest passwords. Your password manager can sort by password strength. Find the weakest five and replace them with PassGeni-generated credentials.
  4. Delete accounts you no longer use. Every unused account is an attack surface. Delete or deactivate accounts for services you haven't used in a year — justdeleteme.com has step-by-step deletion guides for most services.
  5. Set up breach monitoring. Have I Been Pwned's notification service emails you when a new breach contains your address. Free, immediate notification beats manual checking.

Do these when you have time — good hygiene

  1. Switch your most-used accounts to passphrases instead of complex passwords for easier recall.
  2. Review who has access to any shared accounts (streaming services, team tools).
  3. Generate your WiFi password properly — use PassGeni's WiFi QR Generator with a strong passphrase and print the QR code.
  4. Back up your 2FA backup codes and store them in your password manager.
  5. Review app permissions on your phone — revoke any apps that have access to more than they need.
Key topics
password hygienesecurity checklistaccount securityweekend securitypassword health
Was this post useful?
Frequently asked questions

Questions about this topic

How long does it take to improve password hygiene significantly?

+

What is the single most impactful password security improvement?

+

Do I need to change all my passwords at once?

+
More posts

Related reading

Password Security for Marketing Teams: Shared Accounts and Agency Access

7 min read →

How to Use a Passphrase Generator: The NIST 800-63B Guide

6 min read →

Multi-Factor Authentication: The Complete Setup Guide for 2025

9 min read →