Complying with the latest security requirements demands superhuman abilities: a password should be at least 12 characters long and use a combination of letters, numbers, special characters… you know the drill. But more important is the fact that you shouldn't re-use your passwords with another account. In other words, it’s necessary to come up with something that doesn't make any sense, and remember it.
So it's alright to ask yourself: am I Superman or something? You should know the answer.
That's why many people simply drop key elements of a secure password – its uniqueness or length – and start creating passwords that include personal details, which is a no-no since this makes passwords more easily guessable by hackers.
This shouldn't be such a major problem itself if the password is used on platforms that have low potential for an attack. Studies show, however, that on average users in the U.S. have about 130 online accounts connected to a single email address. The problem begins when such accounts include services such as PayPal, Amazon, Citi, and the like.
How Dangerous Is Using the Same Password for Multiple Accounts?
Customers using the same password when signing up to online banking services, ecommerce sites and other internet-based services requiring sensitive data are unwittingly contributing to rising fraud of accounts.
Using a combination of sophisticated techniques such as phishing attacks and advanced password cracking methods, hackers are able to get access to people's data. The number of fraudulent transactions continues to rise each year, and there’s a reason why.
By using the same password across all online accounts, users give hackers easy access to their whole digital life. It's like leaving the keys under the doormat. If a hacker gains access to one user account, he or she can easily take over all online accounts and impersonate them.
If the hacker has the password for one service, it's a no-brainer for them to check whether that password has been reused on other sites. In this way you can get locked out of your digital life in mere minutes, as the TechCrunch writer John Biggs found out.
A similar issue happened to a UK-based business owner, who lost £3,800 because they dropped the uniqueness of their passwords. After checking her accounts, Kristin Jasper noticed online payments to big name retailers such as Curry's and Argos after she had been hacked.
Can You Reuse the Same or Variations of the Password?
If you ask a security expert, the answer is no. They will recommend not using any kind of variations of the same password for a simple reason: humans are the weakest link in IT security. Even when we create strong passwords, software can still crack them. And so using a weak password – or variations of the same password – is akin to handing over the keys to your digital life, because password cracking software will guess it in minutes.
What Do Security Experts Recommend?
The thing that all security experts will agree on is that you should use a unique and strong password for every account you have. There’s a strong argument backing this good piece of advice: if a hacker gets access to one of your accounts, he or she will need to work harder to break into all the accounts that you have.
Luckily, there are some simple tricks to help you remember those strong passwords, but security experts also recommend using a password manager to keep track of all them. By using a password manager you only need to remember a single strong, unique password – the master password – and can then give up on remembering the rest. Better still, the in-built password generator will easily generate cryptographically secure passwords and insert them in the required field exactly where and when you need them.
Best Password Managers of 2019
|Editor's Choice 2019|