Today, we will show you the 11 password management mistakes you should avoid.
We all know the importance of keeping our passwords safe. According to the 2019 Verizon Data Breach Investigations Report (DBIR), passwords are still a major security challenge. The data showed that 80% of hacking-related data breaches involved passwords.
It isn't easy to manage passwords. Given the number of accounts we have, password management is one of the toughest things to do. For this reason, users find it difficult to maintain standard password hygiene.
Malicious actors are relentlessly coming up with strategies to steal passwords. They use many tactics to cause data breaches.
Hackers take advantage of password-related mistakes to wreak havoc. We’ll discuss 11 password management mistakes you should avoid.
READ ALSO: 50 SUREFIRE Tips To Protect Your Privacy Online
Table of Contents
Password Management Mistakes You Should Avoid
1. Using One Password For Many Accounts
Accessing different accounts with one password is a common practice. It’s done for the sake of convenience. Managing a set of passwords is an uphill task. As a result, users tend to simplify their lives by using a single password for different accounts. Whatever the reason is, this practice is bad.
What do you think will happen when such an “almighty” password is stolen?
According to The 2019 State of Password and Authentication Security Behaviors Report, 51% reuse passwords across their private and business accounts. The same research revealed that 69% share passwords with colleagues to access accounts.
Users prefer a login method that doesn’t involve the use of a password. Managing several passwords can be tough. Meanwhile, it’s a task worth undertaking.
Are you weary of manual password management? There is a better alternative. A password manager will do the magic for you.
2. Easy to Guess Password
Another password management mistake is to use “12345” or “ABCDE ” as a password. Simple and popular passwords are easy to guess. Today, the average person has many passwords to manage. Consequently, we tend to use simple passwords in order not to forget.
Avoid simple passwords like using your name, phone number, or a combination that is easy to track. Increase your chances of being safe by making your password strong.
What are the features of a strong password? A strong password is long enough (at least eight characters) and has a combination of upper case, lower case, special signs, and numbers.
Learn how to create hack-proof passwords. Hackers are relentlessly deploying password-cracking techniques. Creating strong passwords will help boost your online safety. Better still, why not consider getting a reliable password generator?
3. Storing Passwords
Avoid storing your passwords on paper or digitally. If you do, it can be stolen by people with malicious intent.
We’re always tempted to write down passwords. It's dimmed a convenient way to keep passwords handy.
However, experts speak against that. Use a password manager instead. Password managers offer convenience and reliable security.
READ ALSO: The #1 Reason Why Organizations Skip Security
4. Not Logging Out of Platforms
Do you make this mistake? I do sometimes. Many people are fond of this shortcoming. The point is this: when you fail to log out, you make it easy for malicious actors to steal your information.
Hackers scour the internet for weak accounts. Compromising your account and stealing your login credentials is easy when you keep open doors by not logging out.
What if someone around you has malicious intent? By not logging out of platforms, you make it easy for those targeting you to succeed.
Be careful when you use a public device to access your accounts. After using a public computer, make sure you log out. If you fail to do this, anyone who uses the computer after you can access your accounts.
Remember, malicious actors are consistently in search of such costly mistakes. They thrive by taking advantage of users’ inefficiencies.
5. Using Dictionary Words
Hackers use Dictionary Attack programs to search for dictionary words. To have a strong password, avoid password dictionaries.
Complicated hackers have software that searches through thousands of dictionary words. With such tools, common passwords can be plugged into password fields.
6. Using Username as a Password
Another password management mistake is to use a login username as the password. I'm afraid that's not right. A typical login page requests a username and a password.
So, people looking for simplicity use their usernames as passwords. Using a partial or full login ID is not advisable.
Another similar mistake is using your email username as a password. This isn't good because email addresses are used as login usernames as well. Apart from that, email addresses are shared widely. Using them as passwords is a bad idea.
7. Storing Passwords in the Web Browser
What do you do when a browser offers to save your password? You hit “save”.
Hackers target vulnerabilities in browsers. So, your login details may end up in the hands of hackers. Each time a browser offers to save your password, decline honourably.
It's better to scratch your head and remember your login credentials than to lose precious data. Relying on browsers for password management is not a smart move. Browsers don't offer the level of password security required.
8. Using Personal Information as a Password
We use our first names, phone numbers, second names, pet names, hobbies, favorite actors, and what have you, to create passwords.
Do you know what it entails? Anyone determined to hack your accounts can do that by doing a little research about you.
9. Using Popular Words
Research has shown that there are popular words that many people use as passwords. One such word is ” love”.
Avoid using a well-known word for a password. This practice makes it easy for malicious actors to trace passwords.
10. Using Adjacent Characters on Keyboard
This practice is known as password walking. The research revealed that people type in adjacent characters on the keyboard. This is done to make recalling passwords easy. Experts discourage this tactic.
11. Changing Passwords Often
Information security officers advise us to change passwords occasionally. It should not be done more often than necessary.
Doing it too often gives way to weak passwords. Some, trying to change passwords, end up recycling the ones they have used before.
Password Management Mistakes: Frequently Asked Questions
What are common mistakes to avoid when managing your passwords?
- Reusing passwords: This is the single biggest mistake! If one account is compromised, all your accounts using the same password are at risk.
- Using personal information: Birthdays, pet names, addresses – these are easily guessed and should never be part of your password.
- Weak passwords: Short passwords with only letters or numbers are easy to crack. Use a mix of uppercase and lowercase letters, numbers, and symbols.
- Writing passwords down: Sticky notes or notebooks are not secure. If someone finds them, your accounts are vulnerable.
- Sharing passwords: Avoid sharing your passwords with anyone, even close friends or family.
- Falling for phishing attacks: Don't click on suspicious links or enter your password information on untrusted websites.
What should you avoid using in your password?
- Dictionary words: A hacker can easily guess these.
- Sequences: Avoid using consecutive numbers or letters (e.g., 123456, abcdef).
- Personal details: Birthdays, anniversaries, pet names – these are easy to find out about you.
- Simple patterns: Don't use keyboard patterns like “qwerty” or simple variations.
What is the most common password mistake?
Reusing the same password for multiple accounts is the most common and risky mistake. A password manager can help you create and store strong, unique passwords for each account.
What mistakes do we usually make when choosing a password?
- Making passwords too short: Aim for at least 12-15 characters.
- Using only one type of character: Combine uppercase and lowercase letters, numbers, and symbols for maximum strength.
- Choosing passwords that are easy to remember: While memorability is important, prioritize complexity over convenience.
What are the common mistakes people often make when using strong passwords?
- Writing them down: This defeats the purpose of a strong password.
- Sharing them with others: Never give out your passwords, no matter how much you trust someone.
- Using them on insecure websites: Be cautious about entering your password information on sites you don't recognize or trust.
What is the main risk of using a password manager?
The main risk is if the master password for your password manager is compromised. This is why it's crucial to choose a strong, unique master password and enable two-factor authentication for added security.
Conclusion
Convenience is the major reason people make all these password management mistakes. It's understandable why you may want to keep your passwords as simple as possible. However, there are better alternatives.
Therefore, I strongly recommend password managers. It offers the two things we are looking for – convenience and security.
Note: This was initially published in May 2020 but has been updated for freshness and accuracy.
RELATED ARTICLES
- 10 Best Safety Tips for Online Shopping
- 5+ Golden Cybersecurity Tips for Student
- 12 Worst Data Breaches In History
- How To Write An Essay About Yourself: Follow A Simple Guide
- Password Explained in Fewer than 140 Characters
- The Ultimate Guide to Using a VPN on Your iPhone – Tips and Tricks
- Identity Protection Explained in Fewer than 140 Characters
- How To Secure Your Gmail Account
About the Author:
Meet Angela Daniel, an esteemed cybersecurity expert and the Associate Editor at SecureBlitz. With a profound understanding of the digital security landscape, Angela is dedicated to sharing her wealth of knowledge with readers. Her insightful articles delve into the intricacies of cybersecurity, offering a beacon of understanding in the ever-evolving realm of online safety.
Angela's expertise is grounded in a passion for staying at the forefront of emerging threats and protective measures. Her commitment to empowering individuals and organizations with the tools and insights to safeguard their digital presence is unwavering.