Recycling passwords? It’s time to make some changes
IN THE United States, the average email address is linked with no fewer than 130 different accounts on the Internet.
How many accounts do you use daily? Chances are there are accounts out there you haven’t seen or thought about in years.
Many people report having more password protected accounts than they can recall, and while you might not be using all of the accounts currently they may be giving hackers access to those accounts you do use regularly because of one common habit: recycling passwords.
Millennials – from late teens to those in their thirties – have grown up being told the proper password safety procedures, are shockingly the most likely group to reuse passwords. Instead of leading by example, they are making things less secure for everyone.
More than 75 percent of younger Millennials report reusing passwords, compared with 58 per cent of older Millennials, 61 per cent of Gen X-ers (born early 1960s to late 1970s), 56 per cent of Baby Boomers (born during post World War II years), and 62 per cent of the Silent Generation (born just after World War I). Overall, 61 per cent of people admit to using the same password across multiple websites, but somehow 89 per cent of people feel that their password habits are secure. Unfortunately, this does not seem to be the case.
What does it actually take to have a secure password? It’s a lot more complicated than you might think, and this may be a leading factor in why people are reusing passwords to begin with. Secure passwords use the following precautions:
Never use the same password for different websites.
Use a complex password or passphrase with letters, numbers, and symbols.
Update passwords regularly, especially if you are notified of a breach.
Use multi-factor identification for sensitive accounts. One example is where you use an online account, for example Google, to manage your email and other services. The authentication process can be set to include sending codes to your phone.
If you attempt to log in using another device, you will be prompted to enter the code. So the only way someone could hack into your account would be to steal your phone or SIM card.
If you’re a forgetful user, download a secure password manager for your phone.
One example is KeepassDroid for Android phones. The database can be stored online, for example on Google Drive. If you’ve stored it there, all you
Remember that hackers know that people use the same password over and over, so if they’re able to get a user’s credentials for one site or service, their next move is to see if the password works on email, Facebook, Twitter, a banking site, or other high-value targets. For example, your EPF online account.
have to do is click on the file (with the extension .kdb) and it will launch KeepassDroid. This app works offline, so there’s no probability of someone actually hacking in.
Remember that hackers know that people use the same password over and over, so if they’re able to get a user’s credentials for one site or service, their next move is to see if the password works on email, Facebook, Twitter, a banking site, or other high-value targets. For example, your EPF online account.