Helping the Hackers – Password Re-Use is Widespread!

Some interesting, but not surprising findings from F-Secure:

They found that many users were re-using passwords even though they knew the risk of doing so, and I quote:

“59% reuse passwords across multiple accounts, even though 91% say they understand the risks of doing so.”

You can read the full article from F-Secure here: https://blog.f-secure.com/how-to-keep-your-passwords-from-being-an-attackers-key-to-your-account/

Please, please do not make a hacker's job easier by using the same password on multiple sites; if you must use the same password, at least enable 2FA (Two-Factor Authentication)/MFA (Multi-Factor Authentication)* on the sites where you do this, as this will make it harder for the hackers to compromise (take over) your account(s).

The problem is, if you use the same password on multiple sites, it allows the bad guys and girls to carry out what is known as “Credential Stuffing” attacks: once they have found a valid set of credentials for one site that you use, they will try the same ones on other sites…

It is better if you use not only 2FA/MFA, but also a Password Manager to store and create strong unique passwords for you (belt and braces, folks!)

You can even enable 2FA/MFA on the Password Manager, so if that is stolen, the bad guys and girls can’t gain access to that either… Belt, Braces and Super-glue 😉
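If you want to see how exposed you are, here is an added example (not from F-Secure or the original post) that checks an exported password list for re-use and shows which other accounts a single leak would open up to credential stuffing. The CSV layout (`site`, `username`, `password`) and the sample rows are assumptions made up for the example; real password manager exports use their own column names.

```python
import csv
import hashlib
import io
from collections import defaultdict

# Constructed sample export. The column names (site, username, password) are an
# assumption; real password-manager exports use their own layouts.
SAMPLE_EXPORT = """site,username,password
shop.example,alice@example.com,Summer2024!
forum.example,alice,Summer2024!
bank.example,alice@example.com,x9#Lq7vT2pWz
mail.example,alice@example.com,summer2024!
news.example,alice,Summer2024!
video.example,alice,x9#Lq7vT2pWz
"""

def find_reuse(csv_text):
    """Return {fingerprint: [sites]} for every password used on 2+ sites."""
    groups = defaultdict(list)
    for row in csv.DictReader(io.StringIO(csv_text)):
        # Group by a short SHA-256 fingerprint so the report shows no plaintext.
        fp = hashlib.sha256(row["password"].encode("utf-8")).hexdigest()[:12]
        groups[fp].append(row["site"])
    return {fp: sorted(sites) for fp, sites in groups.items() if len(sites) > 1}

def exposure(csv_text):
    """For each site, list the other accounts that share its password, i.e.
    the accounts credential stuffing would reach if that one site leaked."""
    result = {}
    for sites in find_reuse(csv_text).values():
        for site in sites:
            result[site] = [other for other in sites if other != site]
    return result

if __name__ == "__main__":
    for site, others in sorted(exposure(SAMPLE_EXPORT).items()):
        print(f"If {site} leaks, also change: {', '.join(others)}")
```

This only catches exact re-use (`summer2024!` on mail.example counts as a different password), and the export itself is a plaintext file, so delete it once you have changed the re-used passwords.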

* One-factor authentication is something you know (user ID and password). Two- or multi-factor authentication is something you know and something you have or are (such as a one-time password/key/token, biometrics, smart card, hardware or software token, certificate, etc.). Unless the bad guys and girls can gain access to the second factor, they can’t sign in as you…
