This AARP article has some good suggestions for preventing identity. One of my clients is testing out LastPass (suggested in this article). Maybe something to consider? Let me know if you need help setting it up or implementing any of the other suggestions.