Do all your accounts really need a different password?

Most of us know by now, that it's not good to use the same password for all of our different accounts.

​

Yet some of us still do.

​

(I won't ask for a show of hands 😉).

​

(BTW, I included a simple graphic in this email, to help make unique passwords easier).

​

​

Here's the thing:

​

Users who continue to use passwords they know have been exposed in a hack are truly flirting with danger.

​

​

In a recent study, Google found 1.5% of passwords are still being used despite those users knowing they’ve been compromised.

​

Despite all the numerous reports of significant data breaches and hacks that reveal many passwords and other data, some password users continue to ignore the warnings.

​

A security researcher found over 22 million unique passwords and more than 770 million email addresses publicly shared on a hacker forum earlier this year.

​

The massive discovery is believed to be the largest data dump to date.

​

Most of us wouldn’t hand our car keys to a car thief…

​

But reusing compromised passwords may be doing just that.

​

​

Hackers who get passwords from data dumps or buy them on the dark web have the keys to enter sensitive accounts.

​

Data breaches can expose passwords, which may grant access to accounts and lead to the theft of personal information such as bank and credit card details.

​

Those who reuse the same compromised passwords for different accounts can also become victims of credential stuffing.

​

And here's the danger… 

​

Hackers use "credential stuffing" to try stolen passwords on different accounts belonging to the same user, hoping to access more accounts.

​

Since this type of hack is on the rise, so are the opportunities a hacker has to steal even more PII. Either way, reusing passwords involved in a hack or breach can be a lose-lose situation.

​

Password Protection

• Change passwords immediately after finding your account may be exposed in a data breach.
• Use strong and unique passwords for each account and change them regularly. Include letters, numbers, and special characters.
• Use two-factor (2FA) or multi-factor authentication (MFA) when available, as they provide additional layers of security when logging-in.
• Keep passwords to yourself and don’t share them.
• Be aware of others watching when you type a password and always logout and close the browser window if applicable when done.
• Check password strength, if a website offers a strength analyzer when creating an account.
• Avoid using passwords with unsecured Wi-Fi as they can be intercepted and stolen.

​

Need a tip for creating passwords you can remember?

​

Try creating a base password of at least six characters. Then add some characters from the related website to that to create your password.

​

For example, if the base password is “XP2#z%” and your account is at acme.com, your password for that account would become “XP2#z%Ac” using the first two characters of the website on the end.

​

Stay safe,​
​
​Your Dicar Networks Team