Top 5 Bad Password Habits

Passwords are undoubtedly the core authentication layer on all of our accounts. Unfortunately, recent statistics show that they are all too often compromised because of bad password habits.

  • Using the same password everywhere – Analysts estimate that some 50% of people on the Internet are still using the same password for all of their logins. This is one of the riskiest things you can do online – with massive breaches affecting more consumer websites and services, it’s only a matter of time before one (if not more) of your online accounts gets leaked online. If you use the same password across multiple websites, it only takes one website leak for someone to get access to your other online accounts, and jeopardize your identity.
  • Never updating passwords – When was the last time you updated the password for your email accounts? How about your online banking and other financial accounts? Or your social networking accounts? Having strong passwords is just as important as regularly changing those passwords, especially if the same password has been used on more than one account.
  • Checking the “remember me” option – Many websites give you the option to remember your username and password. They might also keep you logged in to the website for as long as possible. The danger here is twofold: you will likely forget the username and password if you have the website remember them without securely storing them elsewhere, and anyone with direct access to your computer will have no trouble getting into your accounts – not to mention that session hijacking or other types of attack can also occur.
  • Storing passwords in the browser – Storing passwords in your browser might be convenient, but it’s not sufficient to keep your passwords and online accounts protected, as any vulnerability in the browser or in a browser extension (plugins/add-ons) can lead to the compromise of the browser’s password manager. Use a password manager instead!
  • Sharing passwords too freely – At some point you’ve probably had to share a password. It could be a WiFi login with your house guests, or accounts to pay online bills with your spouse, or a login with your business partner. Whatever the case, passwords should be shared sparingly, and only with those you trust. And when the person no longer needs the password – it should be updated immediately.

There is no perfect solution for avoiding bad password habits. Writing down passwords and storing them confidentially (in a locked safe) has its own downside as well. Nonetheless, however you choose to store your passwords, there are certain measures that can help.

  • The foremost thing is to choose a STRONG PASSWORD or, should we say, a PASSPHRASE. The following comic sums it up well.
[Comic: strong password]

Source: https://xkcd.com/936/

  • Always use a safe (e.g., encrypted) channel and a trustworthy medium (e.g., one not known for having or planting backdoors) when sharing your password with someone. If possible, prefer giving it in person.
  • If not weekly, changing your passwords on a monthly basis is surely an effective security practice – provided you’re not just incrementing it by 1, 2 and so on.
  • Don’t store written copies of your password (e.g., on sticky notes, in your work diary, or even on the back of your keyboard). But if you really have to use it temporarily or access it from a written source, please store it in a safe place.
  • Sites like https://howsecureismypassword.com, https://password.kaspersky.com and http://www.passwordmeter.com/ give you a good reading of how long it would take to crack your password.
  • Sites like https://haveibeenpwned.com and https://breachalarm.com let you check whether your account has been compromised in various data breaches. If you think your account has been compromised, then reset your password immediately.
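
To make the passphrase and time-to-crack points above concrete, here is an added example (not part of the original post) that generates a random passphrase and estimates how long guessing it would take. The word list is a constructed 16-word sample, the function names are illustrative, and both guess rates are assumptions.

```python
import math
import secrets

# Constructed 16-word sample list (assumption); real use needs a list of
# thousands of words, since entropy depends on the list size.
SAMPLE_WORDS = ["anchor", "breeze", "cactus", "dagger", "ember", "falcon",
                "glacier", "harbor", "island", "jigsaw", "kettle", "lantern",
                "meadow", "nickel", "orchid", "pebble"]

def generate_passphrase(words, count=4, sep=" "):
    """Pick `count` words independently and uniformly with the OS CSPRNG."""
    if len(set(words)) != len(words):
        raise ValueError("duplicate words would lower the real entropy")
    return sep.join(secrets.choice(words) for _ in range(count))

def entropy_bits(choices, picks):
    """Bits of entropy for `picks` uniform random draws from `choices` options."""
    return picks * math.log2(choices)

def average_crack_seconds(bits, guesses_per_second):
    """Expected time to a hit: half the search space at the given rate."""
    return 2 ** (bits - 1) / guesses_per_second

def humanize(seconds):
    """Render a duration in the largest unit that keeps the value >= 1."""
    for unit, size in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"

if __name__ == "__main__":
    # Guess rates are assumptions: a throttled online login vs. an offline
    # attack on a leaked, fast-hashed password database.
    rates = {"online, 1e3/s": 1e3, "offline, 1e10/s": 1e10}
    schemes = {
        "4 words from 2048": entropy_bits(2048, 4),
        "6 words from 7776": entropy_bits(7776, 6),
        "8 random printable ASCII": entropy_bits(94, 8),
    }
    print("sample:", generate_passphrase(SAMPLE_WORDS))
    for name, bits in schemes.items():
        times = ", ".join(f"{label}: {humanize(average_crack_seconds(bits, r))}"
                          for label, r in rates.items())
        print(f"{name:26s} {bits:5.1f} bits  {times}")
```

These figures hold only when every word or character is chosen at random; a phrase you make up yourself has far less entropy than the formula suggests.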

The above are just a few practices you can apply to protect and safeguard your passwords. By doing so, you will surely reduce the chances of your accounts getting compromised.


– Mailfence Team



M Salman Nadeem

Information Security Analyst - Security Team | Mailfence


10 Responses

  1. Ram Singh says:

    Sounds great. I would use the suggestion as much as I can. Unfortunately, nowadays everyone wants to know our email.
