Bad habits exist everywhere. But unfortunately, practicing bad habits online can have a significantly worse outcome than something like biting your nails or drinking too much coffee. Fall into the wrong habits online and things can end with identity theft, financial loss, or even company-wide data loss. So in the spirit of avoiding all that, here are a few bad online habits you should probably avoid at all costs.

Reusing passwords

Most everyone does it, but that doesn’t make it okay. Never reuse a password. And this goes two ways. Never reuse the same password at the same time for multiple accounts, and never reuse a password you’ve used in the past. Data breaches happen all the time, and if your reused credentials are caught up in the chaos, you’ll be in trouble. One breached account will suddenly morph into multiple breached accounts – which is no good. Protect your accounts with unique passwords.

Using bad passwords

Your passwords shouldn’t just be unique; they should be solid enough to pass the first few rounds of password-cracking software (or at the very least, a few rounds of guesses). Stay away from names, dictionary words, and anything that can be found on your social media accounts. Instead, stick to random phrases and always incorporate capitalizations, numbers, and characters.

Opening any and all emails

If you’re anything like the average working professional, you’re probably inside that inbox of yours every hour of every day. You jump in. Click through. Jump out. And then jump back in again later. It’s just how things are. But unfortunately, not every email is created equal. Some are for work. Some are for life. And some are for hackers. Take the wrong email seriously and you might find yourself in a whole mess of trouble. Slow down, remain suspicious, and always confirm the legitimacy of an email before you do anything.

Postponing updates

Clicking Remind Me Later is so much more appealing than clicking Download Now. Why install an update now when you can do it later? Well, there’s a problem with that thought process. Postpone an update, and you might create gaps in your security – within your apps, within your browser, or within your operating system as a whole. These gaps allow hackers, viruses, and other forms of malware to slip right on through to terrorize your data, your hardware, or anything else in-between.

Using public Wi-Fi

We all use public Wi-Fi. In fact, I’m using it right now. But sometimes, this isn’t the best route to go. Fake Wi-Fi hotspots do exist, and if you connect to one, a hacker could potentially track everything you click, type, or download. And in the process, they might even send some nasty malware in your direction. If you must connect to public Wi-Fi, do so with caution. Only connect if you’re sure the hotspot is legitimate and always try to avoid accessing private or sensitive information over a public connection.

Leaving devices unlocked

If someone steals your device, your first line of defense will be your designated locking method – whether that’s a fingerprint, a code, or a pattern. Leave your device unlocked and a thief can access whatever data it wants to access – whether this be your personal photos, work emails, or social media accounts. Again, you’re giving a hacker exactly what he or she wants… easy access.