* This article was written in collaboration with Ringle.
Are you someone who always forgets passwords and finds yourself struggling to reset login information? Welcome to the club! It has only been more and more difficult to remember every single password for different types of online services. Some of us have dealt with this stress by reusing the same passwords for various accounts. However, this action carries significant risks to our lives online and plants the seeds of privacy exposure.
According to research by the cybersecurity industry, the average person reuses the same password as many as 14 times. Moreover, 72% of individuals reuse passwords in their personal lives, and 49% of employees only slightly adjust their passwords when they are forced to change their password at work by adding a digit or a character to the original passwords. On top of that, 73% of users appear to duplicate their passwords in both their personal and professional accounts.
The problem with password reuse lies in the fact that bad actors with malicious intent take advantage of these habits in order to coerce people for personal gain. Once users’ passwords are exposed to outsiders due to a security breach of vulnerable services, those passwords are endlessly circulated through the underground forum, which is referred to as the dark web. The leaked passwords will keep putting their users at risk until the users change their passwords to a completely new combination.
Making use of reused passwords is the steppingstone utilized most by hackers. For the past several years, we have seen multiple celebrities suffer from blackmailing after their online accounts were infiltrated by hackers and their private pictures and conversations were disclosed to the public. This threat is no longer limited to famous people. Phone scammers often use stolen, reused passwords to find sensitive personal data, which they then blackmail innocent people with for money. For business entities, the trouble gets worse because reused passwords open the first door to hackers who try to gain access to internal resources and obtain confidential documents.
There are best practices regarding password management. First, use different passwords for different accounts. Secondly, use multi-factor authentication (MFA). MFA enables users to fortify their accounts by adding one more layer of protection. Finally, use at least 16 characters when you make passwords. Longer passwords help prevent hackers from penetrating users’ accounts, especially regarding the widespread hacking tactic “credential stuffing,” or the automated injection of stolen usernames and passwords into websites.
It feels tiresome to manage passwords. However, it will save you from a whole lot of troubles in the future if you decide to start being careful about them. Let’s start by changing your oldest passwords today.