Do you have an identity problem?

Bankrate, the financial website, reports that 41 million U.S. adults have been the victims of identity theft and 49 million others know someone who has been targeted by a person pretending to be him or her.

Discovering your credit card has been used without your permission is the most common, and in some ways, the mildest, form of ID theft, because your bank's fraud alert will likely notify you, cancel the charges and get you a new card.

But someone getting ahold of your Social Security number, date of birth and other biographical information is much worse. You can be liable for thousands of dollars in charges, it can ruin your credit, and once the information is out there, these violations can be repeated again and again.

I called up one of Bankrate's analysts, Mike Cetera, for information on how to avoid this fate.

Q: What's the biggest mistake

people make that exposes them to identity theft?

A: The key one here is using the same or similar passwords (across websites). And I think this is a big deal right now because of the Yahoo breach. (This fall, Yahoo! said 500 million accounts had been stolen, and then in December, it announced that 1 billion accounts were compromised in another massive hack, in 2013.) Our survey found that a little bit more than a quarter of people use exactly or mostly the same password across accounts. This is a bad idea.

Q: So what should people do to keep passwords secure?

A: It's a good idea to create strong and unique passwords.

Q: Is it safest to keep them written down on paper in my house?

A: Yes, it's more secure than anywhere electronic. But a lot of people have way more accounts than they realize.

Q: So what's an alternative?

You tried a free online password

manager, right?

A: After we ran the survey, I decided to download a password manager myself. I went through the process of having it look through all my online accounts — I had 109 of them! — and translate them to unique and difficult passwords to break. It took me three hours to get it all done, but it's done now. And I only have to remember one password.

Q: You found that 36 percent

of survey respondents are using

unsecured wi-fi networks for personal business, like banking. Tell me what that looks like and why that's a

problem.

A: So when you go to your local coffee shop and they have free wi-fi, if you must use that network, don't do anything sensitive. Don't log onto your bank account. Don't look at your credit card statements. The bad guys have the means to break into these free networks and watch what you're doing.

Q: And you also found that

42 percent of adults aren't checking their credit reports regularly for

unauthorized accounts.

A: Yes, and a lot more privacy experts I speak with are saying that you should put a freeze on your credit. That means no new lenders have access to your credit report, so no one can take out a loan or open an account without contacting you for permission first.

Q: I thought credit freezes were for people who had already been victims of identity theft.

A: I feel like there's a switch in philosophies here. Experts are saying, I know this is kind of a hassle, but it's really not a bad idea to have it all the time, even if you don't suspect you've been a victim.

Q: OK, I'll have to consider it.

Any good news in the survey?

A: I think one of the things most Americans do tend to get right is when you get important information in the mail, say from the Social Security Administration or a credit card application, shred it. About 71 percent of U.S. adults are doing that.

Anya Kamenetz welcomes your questions at diyubook@gmail.com.