To maintain safety online, it’s best to use a different password for each and every website you frequent. Because this can be a daunting task for even the most technical-minded person, it becomes tempting to write them down. However, that log then becomes a single point of failure for security if it is stolen or lost.
Take the case of Sam who used a very complex and unique password for his bank login that was different from the password for his primary email address. Unfortunately, he would often use the same password combined with his email address on other websites. When one of those websites was compromised, the hacker was able to secure Sam’s email address and password. While this would not give them access to Sam’s bank, it did give them access to his email address which was the bank’s primary point of contact for password resets.
Hackers utilize tools that allow them to quickly run an email address and a list of possible passwords against thousands of websites with the simple click of a button. So even if the password they have is not Sam’s, they may be able to find several websites that use that same password.
At a bare minimum, you must utilize unique passwords for financial institutions and email addresses. However, it is best if all your logins have a unique password. Even websites that don’t require your email address to login should still have unique passwords, as these sites often contain your contact information.
One option for managing all these passwords is a password manager. These tools, which use military-grade encryption to protect all your passwords, are easily utilized directly through your web browser. Norton’s latest security products include a password manager, and browsers such as Chrome, Firefox and Safari have them included.
If you chose to use a password manager, it is extremely important that you use a very complex and secure password for the manager itself. Use special characters, numbers and a mix of upper- and lower-case letters, as well as the maximum number of characters. If you want to string together several words, don’t use words that form an understandable sentence. And then, as tempting as it is, don’t store that password in your Notes app, on a post-it on your laptop, or in another obvious location.
For more security and privacy tips you can go to the Privacy, Identity, and Security section of The Federal Trade Commission’s website. You can also check our blog posts as it is our goal to continue to post topics that help you stay safe and secure online.