Do you use the same password? You’re not alone! The general public uses identical passwords across the board – home, work, Gmail, Facebook, even for banking.
Considering the number of passwords that we expect to remember and use daily, password exhaustion could be a real issue. It’s no surprise that when those pesky login prompts appear that users often type in the easy to remember and easily guessed combos like “abcdefg” or my personal favorite, “password.”
The trouble is, while your password may seem like it is working, hackers are sneaking around the web scooping up usernames and passwords as they go. They gather from either leaked details or a site with security flaws.
Once they have the login details from one website, they then try their luck with the same login details at other sites. They recognize over half the users on the World Wide Web use the same password and login information. The chance they will open the door to your accounts is quite high.
Even the big corporate names in technology are in danger of news-making password breaches:
- Three hundred sixty million MySpace emails and passwords leaked. (Does anyone use MySpace anymore?)
- One hundred seventeen million LinkedIn account details leaked.
Are you using the same password across websites? Well, be ready because eventually, they will fall like dominoes. One website breach leads to another, then one more and then another. They keep going until there is nothing more to hack and gain from the login information. One way to break this chain reaction is to use a unique password for every website.
How to Generate Very Easy to Remember Passwords
Have a method or template for making your unique passwords that you’ll be able to recall and will not be easily guessed by hackers. For instance:
Becomes – !K1ttyFB75!
It might appear sophisticated; however, the previously mentioned example has a simple basis on the words ‘kitty’ and ‘FB’ for Facebook. So using this method, you can now amend “FB” to an abbreviation for other sites. Now your password is unique for each site and not easily guessed, but easy for you to remember.
Make sure you use a combination of upper case and lower case letters, mixed with numbers and symbols for your password.
What Actions to Take if Your Password Gets Hacked
You need to look at all accounts. To see if they have become compromised, you can enter your email for those sites into haveibeenpwned.com.
All you need to do is type your email or username, press enter, and HIBP searches the breached data and displays anything that trips. If HIBP finds the email or username listed in a breach, you will need to change up the passwords on the listed sites right away, if you can. Then you will need to change passwords on other sites right away – every one of them.
This password change would be an excellent time to use the example method/template for generating passwords discussed previously. Some people still have trouble recalling their passwords even with a template. If this sounds like you, then consider a password system that will generate complex passwords and then store them for you. Systems like LastPass and McAfee True Key have free and paid versions.
If you would like assistance implementing improved security practices for your business, contact us or leave a comment here on this post.
Would you like to start receiving articles like this and other related to ITSM, IT Policy, IT Consulting, and other IT service management related information today? – START HERE!