80% of the Cyber attacks are related to credentials - Pareto docet -. Credentials are one of the most controversial, misused yet, parts of the security chain which aims to protect services and personal information.
If you're concerned about your passwords, don't panic:
people are always the weakest link.(LOL)
What exactly do we mean with "credentials"? How many authentication factor we know and how many of them should we combine?
Let's shine the light on credentials.
We refer to an Authentication factor as a group of methods that let a user to prove to an Authentication system that the identity belong to them. As per NIST  there are 3 authentication factors:
Passwords are by far the most common, yet one of the most insecure, Authentication method. Despite their reputation, passwords are very easy to use, but they should be managed cautiously.
Here you are some advice to use passwords, serenely, and securely:
MFA is at the core of modern security principles. It's a simple habit that greatly complicates the life of the attackers.
It consists of using more than a single Authentication factor to prove your identity:
MFA is a must-have and is strongly recommended for all your accounts, especially the most critical one (e.g. your banking accounts, your accounts related to health services).
Please note: some MFA methods are more secure than others. Indeed, if you generate your OTP via an OTP app (e.g. Authy) this is far more secure than if you receive the OTP via SMS on your mobile phone . This is because of the unsecured nature of SMS: you can be the target for some well-known attacks such as SMS spoofing, SIM swap, social engineering.
We shed some light on credentials and best practices to manage them, encouraging the use of password managers and Multi Factor Authentication (possibly without SMS).
The more you use this combination of notions, the more secure you might feel.