Passwords - Do you know NEVER to use the same password for more than one account/service?

Updated by Brady Stroud [SSW] 1 year ago. See history

123
<introEmbed body={<> Using the same password for multiple accounts or services can pose a significant security risk. It's a common mistake that many people make, but understanding the importance of unique passwords is crucial for safeguarding your online accounts. Most people might be unconcerned, saying that there was little to panic about if someone had compromised their LinkedIn account. But if you ask them _“but what about every other website you use the same username and password for?”_ they would often go pale and run to their computer to check. Using the same password everywhere may seem like a convenience, but the impact of a compromised password can be orders of magnitude greater if you reuse it. </>} />

Before have I been pwned?, there was LeakedIn. LeakedIn was a website set up in 2011 following a high-profile breach at LinkedIn where passwords were leaked. The website operated like Haveibeenpwned, letting you check whether your account was in the breach, but only for LinkedIn.

If there is a breach at a website you use, and you only use the password there, then you have to change one password, and the scope of the issue is limited to that one website. If you reuse the same password everywhere, and any one of those services is breached, the attacker now has access to everything – your bank, your work, your social media, everything.

Send a message to someone who needs to understand the importance of password safety. Always use a unique password for everything.

Image

Figure: SugarLearning reinforces to never use the same password twice

Categories

Rules to Better Security - End Users

Acknowledgements

Matt Goldman
Related rules

Need help?

SSW Consulting has over 30 years of experience developing awesome software solutions.

We open source.Loving SSW Rules? Star us on GitHub. Star