
How best to store your passwords securely and safely in an offline database

Passwords aren’t going anywhere. Even though we’ve seen a rise in newer types of authentication, including two-factor and even Yubico-style log-in options, passwords still persist in our lives. If you’re online and use passwords (I know you do), you want to store them as securely as possible. This means no more writing passwords on paper or Post-it notes; it just isn’t safe.

In Edward Snowden’s book Permanent Record, he focuses on the lack of privacy we all face in our lives. As the person who exposed the U.S.’s role in a massive surveillance apparatus, he would know how to stay safe. One strategy is to use what’s called a password manager. He has said publicly:

“One of the main things that gets people’s private information exposed, not necessarily to the most powerful adversaries, but to the most common ones, are data dumps. Your credentials may be revealed because some service you stopped using in 2007 gets hacked, and your password that you were using for that one site also works for your Gmail account. A password manager allows you to create unique passwords for every site that is unbreakable, but you don’t have the burden of memorizing them.”

There are two key things to focus on: creating unique passwords and not having to memorize them. When the passwords are stored in a database you control, you can make them so long and complicated that they can’t possibly be remembered. They’ll be hard to crack, and no one can ask you for them. When logging in to a secure website, simply open your chosen password manager and use the auto-type feature so you don’t even have to see the password.
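To make the two points above concrete, here is an added example (not part of the original post and not KeePass code) that finds password reuse in a list of entries and replaces the reused ones with long random passwords. The entry layout, the sample rows and all function names are assumptions made for illustration.

```python
import hashlib
import math
import secrets
import string
from collections import defaultdict

# 52 letters + 10 digits + 32 punctuation marks = 94 symbols
ALPHABET = string.ascii_letters + string.digits + string.punctuation

def generate_password(length=24):
    """Random password from the OS CSPRNG; never meant to be memorized."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy of a uniformly random password: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)

def find_reuse(entries):
    """Return groups of entry titles that share one password.

    Grouping is by SHA-256 digest so the report never contains a password.
    """
    groups = defaultdict(list)
    for title, _user, password in entries:
        groups[hashlib.sha256(password.encode()).hexdigest()].append(title)
    return sorted(sorted(titles) for titles in groups.values() if len(titles) > 1)

def rotate_reused(entries, length=24):
    """Give every entry involved in reuse its own fresh random password."""
    reused = {title for group in find_reuse(entries) for title in group}
    return [(t, u, generate_password(length) if t in reused else p)
            for t, u, p in entries]

# Constructed sample data (hypothetical layout: title, username, password).
SAMPLE = [
    ("old-forum.example", "alice", "Summer2007!"),
    ("mail.example", "alice@mail.example", "Summer2007!"),
    ("bank.example", "alice", "x9$Lq2#vT8pW"),
]

if __name__ == "__main__":
    print("reused across:", find_reuse(SAMPLE))
    print("after rotation:", find_reuse(rotate_reused(SAMPLE)))
    print(f"24 random characters = {entropy_bits(24):.0f} bits of entropy")
```

The first report shows the same situation the quote describes: a breach of the old forum would also expose the mail account until both entries are rotated.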

The great thing is that all of this is (mostly) free. The best offline password storage tool is KeePass, and since it’s open-source and runs on all the main operating systems (such as Windows and macOS), you can step up to more security at no cost. It’s a tool that has been around for a while, so you can be sure it’s faced its share of scrutiny.

Cloud-based tools are an option too. Google offers a password manager in its Chrome and Android tools, while 1Password is a popular paid storage tool. While these are good options, having the most control possible means opting for tools that are not sitting out in the cloud.