As a standard recommendation of IT professionals and security specialists, many of us will be aware that it is advisable to use a range of passwords, but we believe that the importance of this advice cannot be understated. Many studies have shown that people continue to risk their data security by reusing passwords across their online accounts, and this is dangerous.
There is now a whole subsection of cybercrime built around the theft and misuse of account credentials, so it is vital that consumers do not put themselves at greater risk by reusing passwords.
Personal information is a highly valuable resource to cybercriminals, and passwords can be particularly profitable, given that they can sometimes unlock private accounts containing further personal information. A password is meant to be a key form of protection, so why are we compromising this security technique by reusing passwords?
How does reusing passwords make me vulnerable to data misuse?
Put simply, reusing passwords can allow victims to access multiple accounts more easily, but if a hacker were to obtain one of your passwords, and it happened to be one you used across several online accounts, they may be able to access a wealth of private content, potentially being able to view any saved payment card information.
Many people have had more than one password stolen and, by reusing passwords across multiple accounts, the overall risks can be much greater.
The phenomenon of password theft has become more prevalent as hackers have developed more effective methods for extracting and breaking password protection. A technique called credential stuffing particularly exploits those in the habit of reusing passwords across different accounts. After stealing username and password combinations in a cyberattack, criminals can then keep entering these combinations into other sites in an attempt to log in to other accounts.
AI is now making password cyberattacks even easier for hackers, allowing them to find out where account holders are reusing passwords, then using this intelligence to carry out attacks with remarkable accuracy.
How can I keep my passwords secure?
To ensure the strength of your passwords, they should ideally contain a variety of numbers, letters (capital and lowercase), and special characters. Previous reports have found that many passwords use consecutive number sequences (e.g. 12345678) or that they reflected current events, with some recent studies showing thousands of passwords containing the term “coronavirus”.
Given that many of us have dozens of different online accounts. Memorising a different password for each one can seem like an insurmountable task. Password manager applications are specifically designed to tackle the problem of reusing passwords, allowing users to store a range of passwords securely in one place, so that they do not need to be memorised.
Password security and data breach claims
Consumers need to be responsible when creating passwords, but third-party data controllers also have a duty to protect passwords just as they do for any other personal information.
Anyone who has had their password security compromised by a data breach may be entitled to claim compensation. If you are concerned about the exposure of your personal data, contact us to receive free, no-obligation advice from an expert data breach lawyer.