Why You Should Never Reuse Passwords
Ever lost your car keys? Not easy to get into your vehicle without your keys, is it? Now, imagine having one key that you can use for your house, car, office and so on. A master key. Wouldn’t this save you from having to carry a bunch of keys in your pocket? Sure, but if someone steals your master key, they’ll have access to not just your car, but also your house and whatever other lock the key fits.
So, clearly, having one such key is not a very good idea.
And why is it then that many people use the same password for multiple websites? The same logic applies here as well. If someone steals or hacks your password, they’ll get pretty much unrestricted access to your sensitive information from any of these websites.
This means your email, address, phone number, even things such as social account and banking information might be compromised. Not good news if that happens.
It’s not even that people are not aware that reusing passwords is a bad idea. One study showed that 91% are aware of the danger. Unfortunately, that didn’t stop 61% of respondents to still use the same password, thus allowing hackers to have a field day. Their excuse? Easily forgetting passwords.
In one study, Microsoft discovered that a common Internet user has, on average, 25 accounts. This includes their email address, any social media platforms they use, their bank, PayPal perhaps and any other website they use. Guess how many passwords people use on average? If you think its 25 (which would make sense), you’re wrong. It’s just 6.5 passwords. That’s one password for 4 websites.
How Do Passwords Get Cracked?
If you’re thinking, “no way is that going to happen to me”, think again. Even the strongest password can be cracked. Because, often, the weak link here is not the password itself, but the one using it.
This is why you need to refrain from using any personal information, such as date of birth, spouse or children names and things like that in your passwords. If you do that, you’ll only make it easier for hackers to guess your password after learning this about you.
Hackers use different methods to crack passwords. The most common is a phishing website. This is a website that looks nearly identical to a real one, with almost the same login page that can lure you into sending your password to the hackers.
One famous example of a phishing scam happened in 2016 when the staff and even players of the NBA club Milwaukee Bucks became victims of this kind of scam. What happened was that that one employee sent out tax details for the previous year impersonating as Peter Feigin, the team president, compromising the employees’ sensitive information, including their Social Security Numbers, financial records, birth dates, addresses, total packages and more. The breach occurred in April 2016 but was only discovered a month later, giving the hacker plenty of time to wreak some financial havoc.
Another way hackers can get access to your password is by installing a keylogger on your computer via a malware. That way, a hacker can track your keystrokes when you visit a website (for instance your bank or email) and log these for “future use”.
Of course, there are other ways to get your password cracked. Hackers can, for example, use a program that allows them to compare lists of words or characters to find a password. Fortunately, this method can be, if not thwarted entirely, then at least slowed down considerably by having a strong password. That’s why it’s a good idea to use special characters such as ! or numbers in your password.
What are the Risks of Reusing Passwords?
Okay, let’s say you did reuse a password and that it got cracked? What’s the worst that could happen?
Even if the site that’s been hacked doesn’t contain any information about your finances, it still might contain your name or email address. And that’s all the hackers need to gain access to some other site with the kind of info that they are looking for.
Let’s go back to 2014. In September that year, almost 5 million Gmail accounts, including passwords, were uploaded to a Bitcoin forum in Russia. 700,000 of that number appeared in the WordPress user database and 100,000 of these used the same password for WordPress and Gmail. That’s 100,000 people whose password could be exploited.
Don’t rely on websites for keeping your password safe. A lot of them store user information in plain text, just begging any cyber-attacker to come and take them and then add them to a hacker database.
Best Password Practices
So how can you make sure that your password will keep hackers at bay? Here are 3things to do:
- Don’t use any personal info
We already mentioned this, but it bears repeating. Don’t use any personal information in your password. It’s very easy for hackers to find your personal information (you often post them yourself on Facebook) and then use this information to guess your password.
- Use special characters and numbers
Don’t use something like 123456 for your password. A child will be able to crack that. Instead, use a mix of letters, numbers and special characters such as $, % or ^ to make your password harder to guess.
- Change the password regularly
Give hackers enough time and they’ll crack your password, no matter how strong you made it. For this reason, you should change your passwords regularly. It’s best if you do this every 6 months at least.
Why you need to stay ahead of hackers and use a strong password protection such as “Hack & Salt” by CTemplar. We guarantee full anonymity and will have no access to your password. The only thing we see is an n encrypted “hash-salted” password that no one will be able to use to find out your actual password.