Security Flaw Reminds Us to Never Reuse Passwords

Many internet users have accounts spread far and wide across the web. Online accounts for your social media apps, email provider, and bank accounts are practically a given these days, but what about all those other accounts?

The account you had to setup to buy a promotional t-shirt, the account you created on that cooking website to store your favorite recipes, the account you made as part of a loyalty perks program from your favorite coffee shop…the list goes on.

First, why is it that you had to create an account with a username and password on these “lesser important” accounts? Because every piece of data—even if it’s information that you think isn’t all that useful, like your first name and email address—is typically stored by the entity for subsequent log-ins. That’s a lesson that one corporation has learned the hard way. According to a report by a security firm, the password encryption used on a McDonald’s website serving one of the company’s European markets was not setup correctly. The encryption they put in place can allow the passwords to fall into the wrong hands.

But once again, who cares if your fast food loyalty card is hacked? You should. This is an era when information is a hot commodity, and people literally buy and sell stolen consumer data throughout the dark web. Knowing even the most seemingly harmless information, like how often you grab lunch at a fast food place, can be valuable to advertisers, spammers, scammers, and more. All of your information contributes to your overall identity puzzle, so securing even the most innocuous accounts with a strong, unique password is important.

Too often, when a website doesn’t deal in financial transactions or store your financial information, it can be seen as harmless by the IT people, too. That’s why it’s absolutely critical to never reuse passwords from one website to the next, regardless of the type of industry or the sensitivity of the account.

Remember, a strong password is one that contains a combination of uppercase and lowercase letters, as well as some numbers and symbols. NEVER use a word like “password” or any part of your name as your password. Once you have a strong password, it’s vital that it remains unique, meaning you do not reuse it on other websites.

Finally, it’s a good idea to change your passwords on a regular basis especially on sensitive accounts like your email or social media accounts. One good way to remember to change up passwords on your lesser important accounts is to click “forgot my password” when you go to log into accounts that you don’t use very often. Clicking the link will send you an email, which then requires you to update your password.


How much information are you putting out there? It's probably too much. We are here to help you stop sharing Too Much Information. Sign up for the TMI Weekly.

Read more: Privacy Concerns Due to Online Advertising

Pin It

Article Archives

 

ITRC Sponsors and Supporters 

 

 

 

 

Go to top

 

The TMI Weekly

Breaches here, identity theft there and invasions of privacy everywhere... Should you be worried and, if so, how can you protect yourself? Sign up now to receive The TMI Weekly and get the latest hot topics in identity theft, data breaches and privacy and helpful information on how to protect your information.