Overused Passwords Can Compromise All of Your Online Accounts

In many instances of large data breaches, such as the ones from companies like Netflix or LinkedIn, we hear of the news very quickly. A data breach like that is broadcasted in the news, and alarmed customers rush to change their passwords. You might assume that once you’ve changed your password in the midst of a data breach, you’re now secure. But that’s not always the case. A breach with one online account can actually lead to a breach with another online account… But how?

The problem boils down to people using the same password for multiple online accounts. So for example, if your LinkedIn password is hacked, you quickly change it. But do you use that password on other websites? For example, you might use the same password for Facebook or your bank accounts.  If you’ve done that, the hackers can simply use the same email address and password on those other sites, gaining access to online accounts that haven’t actually been a public target of a data breach.

Unfortunately, people are creatures of habit, and criminals study us to learn these behaviors. About half of all people reuse the same passwords on numerous accounts, so with a little guesswork on various websites – called credential stuffing – a hacker who gained your password from one account might be able to crack into another.

Creating unique passwords for each online account is the obvious solution to this problem. Yes, keeping up with all of them can be a bit of trouble. But that trouble pales in comparison to having your bank account hacked, or losing sensitive data on all of your customers in the event that your work accounts are compromised.

This rule should be true for all of your employees as well. At the very least, make sure that they know not to use the same passwords for personal and work accounts. Each of your accounts to which they have access should be protected by a unique password, along with two-factor authentication when available.

For more on keeping your data safe, call us at 888-RING-MY-TECH. We can help you spot potential security breaches before they happen, and implement the tools necessary to prevent disaster.