Why Even Your Crazy Accounts Deserve Strong Passwords
This week, password manager Dashlane analyzed ten years of public data leakage passwords. Key lesson: Don’t reuse passwords. Not even a little, not even with a “formula”. Password formulas are easy to crack . And even your meaningless accounts deserve strong, unique passwords.
If you’ve reused passwords from any of these 284 hacked sites , including MySpace, LinkedIn, Adult Friend Finder, 8tracks, and Adobe, any bored hacker can try these open passwords for your other accounts. (In many of these cases, the leaked passwords were still encrypted. But some were so weak that hackers could still decrypt short or general passwords.)
Therefore, do not reuse passwords on multiple sites and services.
“But,” you say, “I only reuse my password for my crappy accounts!” Indeed, would you mind if all your “shitty” accounts were exposed right away, just because your old Hotmail account was hacked? Are all these accounts such “bullshit”?
Anything related to your credit card details is not bullshit.
If signing in to a particular account allows you to spend money, you should probably use a strong password. If you’ve just logged into ThinkGeek once and used the same password as your old AIM account, you’ve made it easy for strangers to mail themselves official Young Han Solo jackets for your pennies. Are you sure you want to replace your credit card and complete all related paperwork just because you used the same password on Nordstrom Rack and 9GAG?
Anything related to your social identity is not bullshit.
If you’ve visited some fancy social networking site with your meaningless password, and then that fancy social networking site turned into Twitter, it’s probably time to change it. Maybe you won’t be embarrassed when your account spam links to all your friends! Maybe your aunt is too smart to be fooled by a scammer sending her messages from your hacked account! Maybe the hacker will get more retweets than you! Seriously, show some self respect and get a new password for every social media account.
Ryan Merchant, senior manager at Dashlane, notes that personal information in one account can be used to access your other accounts. This mostly matters if someone is specifically targeting you, but this is one way a small hole can turn into a big one. So even these truly meaningless accounts are useful to those who harass you for identity theft.
Anything you don’t want to delete is not nonsense.
If working with all of these old accounts is tedious, delete them. ( AccountKiller has specific instructions for deleting most online accounts). But if you have too much emotional attachment to delete your account, then you have too much attachment to be hacked.
It’s all easier if you have a password manager. And yes, maybe one day the password manager will be cracked. But so far, all of our top recommendations have a much better reputation than sites like AOL, Yahoo, and LinkedIn. And a life without remembering passwords is a life with less stress.