Why Is It So Important To Have Unique Passwords for All Your Online Accounts?

A complex password is a necessity in the current age of cyberthreats, data breaches and other security incidents. Those of us who live in reality also know how hard it is to keep the seemingly hundreds of passwords straight, secure and different.

Wait, what’s that? All of your passwords aren’t different?

Why is having different passwords so important? When an online retailer, or a website, gets hacked, oftentimes all you hear in the news is about how many credit cards were lost or what the financial damage was. You rarely hear about the user accounts that were compromised. However, if you have an account on a compromised website, the username and password you used very possibly could be published and available to anybody who wants to look at it at on the Internet.

A clever crook knows that you probably use the same password on the compromised website as you do on your eBay, Amazon or other online account that may have a bank account tied to it. And there is a good enough chance that they’re likely to try it anyway. Sure enough, when you used the same password on your eBay account that you also used to set up an account on the compromised website to reserve hotel rooms, buy clothes or whatever else, the hacker now has your eBay credentials.

That covers personal passwords. What about passwords used for work? Employees are signing up and logging in daily to an assortment of online vendors, subscriptions, credit or banking companies, social media websites – you name it. Most of them, I would guess, are legitimate business websites that are important to their job.  Some of them might be personal websites – email, banking, shopping, etc.

A few things about how office workers currently save those passwords:

1. If they are stored in a browser (like Chrome), they can be accessed from the employees’ home computers. Not just the personal logins, but the business logins as well.
    
2. If they are stored in a browser, it’s fairly easy for anyone with a little bit of IT skills, to pull those passwords out and use them – without your knowledge.
    
3. If they are not stored in a browser – how are they being tracked? In an Excel spreadsheet or Word document named “Passwords?” – You would be astonished how common this is. And what would a hacker search for first once they get onto a network undetected?  Yes, anything with the word “password” in it.
    
4. If they’re not stored in the browser or a document on their desktop or server, how about the stickies on the underside of the keyboard? Top drawer of their desk? Or our favorite – a stickie right there on their computer monitor (we’ve seen Admin creds written on a stickie and displayed on a monitor too many times to count).

Here’s a tip: sign up for a Password Management Tool. At a basic level, a Password Manager is a service that allows people to secure all of their account log in information with one master password. Some options could include LastPass, Roboform or Dashlane to name a few.  Some of these have a free option but come on folks – these are your passwords we’re talking about. You do NOT want to risk your passwords getting in the wrong hands!