What Could Go Wrong by Using the Same Password for All Accounts

Using the same password everywhere makes you prone to losing access to all of your accounts should your password from one of the accounts get compromised. Do use a password manager which is probably the best option for security and convenience to keep you safe while it is not such a big hassle.

If you are reading this on your computer or your smartphone, most likely you do have some online identity. The most basic would be an email address. From there, it expands to social media, instant messaging accounts, online shopping accounts, and many other services available on the internet.

In this day and age, technology advances so far, solving so many problems, making life much easier in many ways. Communication could not have been faster via instant messaging, shopping could not have been easier via online shopping platform, financial errands could be done with only a few taps on your smartphone via electronic banking, even opening your garage door could be done remotely if it is connected to an IoT system.

Identifying Yourself Online

These mentioned applications of technologies are of course not publicly accessible to anyone but you yourself. You will need to verify to the system that you are the owner of these accounts of services. The most straightforward method of identification involves input a correct password with a registered username into the service provider’s website - hence anyone who has access to this information could instantly impersonate you, access your accounts, and use the service as if they are you!

Your identity is valuable. It is the verification of ownership to all of your belongings.

Stealing Your Identity

Identity thieves are those who try to impersonate you to gain access to your belongings. They could then exploit these access to their benefits which include financials, usage of services, or your social reputations.

There are various methods for identity thieves or rather cyber-criminals to gain access to your online accounts. Stealing your user name and password is definitely the most straight forward way to do it.

Compromising Sensitive Data Through Data Breaches

In 2019 alone, at least 12.7 billion records of data were breached. The record includes name, physical address, email address, passwords, phone number, credit card numbers, and other sensitive data that are inputted into accounts. Amazon, Dropbox, LinkedIn, Yahoo (just to name a few) of the giants have experienced breaching before (Please note that breaches could mean some and rarely all sensitive information were compromised). This implies no one is truly safe, and it is better to be cautious of your security.

While there is nothing you could do about the security of service you have your account registered to, it is important to have firebreaks to prevent the spread of wildfire - using different passwords for all different accounts you own.

How a Single Data Breach Could Be a Threat to All of Your Identity

This is not an exaggeration and the analogy of wildfire works here. Consider this scenario - Assume that you are using the same username and password for Dropbox, Amazon, Facebook, Gmail. One day, Dropbox's database of username and password is compromised, and unluckily your account records were included in that data breach. The leaked record from Dropbox does not say what other accounts you own, but the hacker (cyber-criminal) will try their luck with your leaked username and password - they will try to log in all online services you could think of. This only takes seconds with programming magic; and now all of your accounts (Dropbox, Amazon, Facebook, Gmail) is in the hacker's hand at their disposal.

Am I Safe? Is My Data Leaked?

If your username/email has been around for a long time, and you have been using it to register many different online accounts, it is quite likely that your data may have been compromised from one or more of the registered services.

You can check if your email address has (ever) been compromised at have i been pwned . When you put your email address into the website, have i been pwned will run your email address in comparison with the database of breached record to see if there is a match, and generate a short list of breaches (if any) your email account is involved with.

How Do I Stay Safe?

59% of people use the same password everywhere. It is better to not be one of those people for the sake of your own security. Introducing firebreaks - using different passwords for different accounts will minimize damages should one of your account sensitive data get compromised.

Remembering All the Difference Passwords

On average, a person has 90 online accounts. That meant 90 different passwords, which is essentially impossible for a normal person to remember (and password should be changed from time to time as well). You will need to keep tabs of all of your passwords and there are a few ways to go about this. Things you will need to consider are security and conveniences. The best option today I would recommend is an online password manager.

Password Manager

As the name implies, a password manager helps you manages your passwords. Instead of having to remember 90 different passwords, you will only have to remember just 1 Master Password to access your password manager.

There are various service providers with different pros and cons, but they all have similar basic features which include:

Password Manager: Store and keep your password safe, but with ease of access

Auto Fill: Automatically fill out fields for you with pre-determined data (name, email address, password, email address, etc.)

Password Generator: Generate and save a strong password when you create a new online account

Here are some well known password managers available in the market:

*I personally use LastPass, not that it is better than other services but it just works well for me. Try a few and see what works for you.

So Am I Safe Now with a Password Manager?

Yes and No. If you switched from using the same password everywhere or saving your password in notes or as text files on your computer, using a password manager is definitely a better option. However, nothing is perfect. Since password manager stores a huge number of password (just like how bank stores money), it becomes a target for cyber-criminals. There have been reports of data breaches of password managers but nothing major as passwords being compromised. This is due to the security and encryption of password managers that are designed to be robust and secure compared to other services (well, they only have one job!).

Again, if asked should you use a password manager? The answer is definitely yes! Bank robbing happens but it's not as easy as trying to rob a person.

Using a password manager is not as difficult as you may think. It does need some set up initially, but after that, it makes life a whole lot better, especially now that you do not need to type in your password anymore, and it definitely put your mind at ease.