If your password has been breached, changing your password is the first step you should take. Hackers can use breached login credentials to try and gain access to other online accounts putting them at risk. Therefore, you should also change passwords for any accounts that have the same or a similar password. 

When choosing a new password, you may want to consider using one of these methods to create a strong password: 

• Create a password that is at least 8 characters long, preferably longer, including upper- and lower-case letters, numbers and symbols 
• Combine three completely random words that aren’t related to you, numbers and symbols can also be added (e.g. &bluetreemouse55) 
• Use a password generator and manager as it can be difficult to remember unique passwords for every online account

Avoid the following: 

• Generic weak passwords such as password1234, abc123, qwerty. 
• Including any personal information such as your name or DOB, or words that can be easily associated with you. (e.g. the place you are from, the football team you support) 
• Any information that can be found online or on social media (e.g. your cats name or the year you graduated) 
• Using consecutive numbers or letters (e.g. 12345 or abcdef) 
• Common character replacements for letters (e.g. swapping an O for a zero or an S for a $) 

Check here to determine how secure your new password is: 

https://www.security.org/how-secure-is-my-password/