Protect access to system through a secure password, keep it secret and change it frequently.
Instructions for generating a secure password and the correct handling of passwords can be found here.
Do not use the same password for all possible IT services and applications that require a password.
Whenever possible, two-factor authentication (2FA) is preferable to the simple password.
An overview of which services the 2FA is already available, you will find here.
For mobile devices like smartphones, you should use secure access protection (screen lock). Not secure are: none, swipe, pattern.