Are you like many of us who have hundreds of accounts around the interwebs?
Are you one of the many using the same password over and over and over again on all your accounts? If so, this is not good.
Let me share a story that happened about a year ago…
A friend of mine got her Facebook hacked, and they sent out messages to all of her friends. When she saw it, she immediately went and notified everybody that it was spam and probably a virus and that they shouldn’t be clicking on those links. What she didn’t do was change her banking passwords. And unfortunately, she was using the same passwords with her bank accounts as she was with her social media.
48 hours later her bank accounts were empty. The people who hijacked her bank accounts also got her card details somehow and made all kinds of purchases, including a $1,000-a-night Airbnb.
Six months later, my roommate actually got the same kind of message. Fortunately he was smart enough to come ask some questions and didn’t click any links, and he went and changed all his passwords on my recommendation. But literally a couple of hours later, one of his friends’ accounts started sending out the same spam messages. She also went in and updated all of her passwords.
I would recommend that you visit https://haveibeenpwned.com/. Have I Been Pwned is a database of all the known hacks and breaches that have happened over the years, such as Yahoo, LinkedIn and Adobe.
Visit Have I Been Pwned and enter your email address to see which breaches it’s been involved in. Then check your password and see how many others are using the same one and if it’s been exposed in one of these hacks as well.
Password reuse and credential stuffing
Password reuse is normal. It’s extremely risky, but it’s so common because it’s easy and people aren’t aware of the potential impact. Attacks such as credential stuffing take advantage of reused credentials by automating login attempts against systems using known email and password pairs.
Here’s what I would recommend if you are using the same password around the internet… Change them immediately! And make them ALL DIFFERENT!
But you ask, how am I supposed to remember all these passwords? My personal favorite, https://LastPass.com.
LastPass is a free password manager that stores your passwords encrypted, and all you need to do is remember your main password to access your passwords. It also generates complex passwords for you and saves them so you don’t have to remember them later. Just remember your main password.
Here’s a PSA video I did last year when it happened. Take a look at how to protect yourself and then ‘ACT’! Don’t be a victim.