If you’re like most people you’ve been forced to use passwords on various websites. The problem with being forced into doing something is that it makes people not want to do it. If I told you that you had to do the dishes before you ate, and you were really hungry, you may not do a very good job at doing the dishes. The same analogy is applied to passwords and websites.
So what do people do when they’re forced to make yet another username and password for a website? They simply utilize the same information that was used on another website. I recently went to a client’s home in Syracuse, NY. Let’s call her Mandi. Mandi runs her own business. She uses the same password for every website, as well as the same username, a double whammy! When she brings up a website to login it’s really very easy for her. All Mandi needs to remember is a single username and password.
The big problem Mandi will have in the future is if and when her data is stolen. Although Mandi is generally careful about the websites she visits, there is no way she can control what those businesses that manage the data on the websites she visits does with the data. For instance, remember the Equifax hack, the Excellus hack, or the Target hack? Those are just the most prominent hacks that had passwords and usernames stolen. All of those businesses have customers that are located in Syracuse, but they have repercussions for other areas of the world (especially Equifax).
So what happens when a certain username and password are leaked and shared with the dark net and other criminal underground types? One thing that is attempted is to see if those username and password combinations will work on other websites. For instance if Mandi had her information stolen, and has accounts on Google, Excellus, M&T Bank, Amazon, etc., those in possession of the data will have access to all of her accounts. She could lose her money in addition to become the victim of a serious identity theft issue.
What you can do is simply take the time to create a separate username and password for all the websites that require one. A simple way to make that easier is with a program called keepass. There are some other sites and programs that accomplish the same thing but keepass is completely free, easy to use, and is available in Windows, Android and Apple varieties. The great thing about this program is that you only have to know one password, which is the password for keepass! If someone gets a hold of your computer or device that has keepass installed, they will never be able to utilize all the information stored in its database since it is encrypted. This program is one of the free programs I generally install for my customers after a virus removal.
If using a program to keep track of your passwords isn’t your thing, at the very least keep a log book in a hidden location and get in the habit of creating different usernames and passwords for all the sites you visit that require them.
If you’re confused by all this, simply give me a call and set up an appointment. I’ll devise a plan suited to your needs to get you set up and protected from this problem.