Database breaches, phishing scams and emerging artificial intelligence tools have made simple passwords passé as a way of protecting online accounts — but you still have ways to shore up your defenses.

First, you need to be proactive with longer, unique passwords and extra layers of protection. A password manager app can help, and it’s far more secure than keeping your credentials in your Notes app or written down.

Password managers can also store passkeys, a more secure way of logging in that’s intended to replace passwords altogether. Here’s a quick introduction to it all.

Password Managers

Apps and web browsers that encrypt all your passwords behind one master password have been around for decades, but Apple Passwords and Google Password Manager for Android and web browsers are relatively recent — and free. Check your home screen for a Passwords icon, or command your virtual assistant to find it. The app requires your PIN or biometric data (a fingerprint, eye or face scan) to open.

Keep in mind that having all your passwords on a device that can be stolen — and snatched themselves if someone knows your lock-screen PIN code — is a security risk of its own. Turn on Apple’s Stolen Device Protection feature in the iOS settings, or Google’s Identity Check and other theft protection tools in the Android settings, for added protections.

Both the Apple and Google apps are intuitive and can automatically generate long, unique passwords when you are creating or updating an account. The apps save passwords (and passkeys) in one place and automatically supply your credentials when you log into a site. The apps warn you if any of your passwords are weak or have been compromised in security breaches. User guides are on the Apple and Google sites.