Even if your password isn’t “123456,” “password,” or “qwerty” — some of the most commonly used ones out there—odds are good that other people know your password. That’s because of two reasons:
- Billions of leaked credentials have found their way online thanks to data breaches.
- The average person uses the same password in multiple places.
Especially when you’re busy and doing a lot online (holiday shopping, for example), the temptation is strong to take a shortcut and use the same password twice…or three times…or more.
But don’t do it. A few seconds of time savings in the moment could ultimately cost you a lot more.
Think about the most important information you’re protecting using that same password. Does your bank account, retirement account, or main email use the same password as a different site? What password do you use for your online medical chart access? Or what about your favorite online shopping site that saves your payment information for you? If any one of these was hacked it would be huge—but if you use the same password other places, all of them could be.
Protect yourself, your money, and your privacy, by following these simple tips:
- Use a password safe/vault. Remembering passwords doesn’t have to be challenge. Create unique passwords and save them all in one place. There are free password vaults and pay options you can use (e.g., KeepPassX, Password Safe, LastPass, to name a few of many)—just use one! These services make it really easy with browser extensions that save your passwords as you go.
- Use secure or random passphrases – ASimplePhraseIsBest. Think of a simple, but unique sentence over 15 characters to use as your master password for your password vault. You only need to remember that phrase to access the tool and can use randomly-generated passwords for everything else.
- Never use the same password twice – Like we said before, just don’t do it. You could save a few seconds, but you may lose everything if it is used somewhere else and leaked by a third party site with less security.
- Sign up for have I Been Pwned – Have I Been Pwned will notify you if your email address is involved in a data breach online.
Stay safe out there—and keep your passwords to yourself!
Very good advice on passwords and I use an apple computer that will generate very strong passwords but 90% of the places I log into will not accept them because they limit the characters that can be used. We need some password help form the other end to get up to date on passwords to really be safe.
John, you have a very good point about the special characters. However, it’s not just the character set that makes a strong password. The length is even more important. So generate something like A4fyKM76Dkh6vBpx which is 16 characters. It takes much longer to break by brute force than #PtvKjl!. So I often check the maximum length allowed, maybe 16 to 30 and generate the longest password possible, even if it needs to have a more limited character set.