Security Flaw Reminds Us to Never Reuse Passwords

Many internet users have accounts spread far and wide across the web. Online accounts for your social media apps, email provider, and bank accounts are practically a given these days, but what about all those other accounts?

The account you had to setup to buy a promotional t-shirt, the account you created on that cooking website to store your favorite recipes, the account you made as part of a loyalty perks program from your favorite coffee shop…the list goes on.

First, why is it that you had to create an account with a username and password on these “lesser important” accounts? Because every piece of data—even if it’s information that you think isn’t all that useful, like your first name and email address—is typically stored by the entity for subsequent log-ins. That’s a lesson that one corporation has learned the hard way. According to a report by a security firm, the password encryption used on a McDonald’s website serving one of the company’s European markets was not setup correctly. The encryption they put in place can allow the passwords to fall into the wrong hands.

But once again, who cares if your fast food loyalty card is hacked? You should. This is an era when information is a hot commodity, and people literally buy and sell stolen consumer data throughout the dark web. Knowing even the most seemingly harmless information, like how often you grab lunch at a fast food place, can be valuable to advertisers, spammers, scammers, and more. All of your information contributes to your overall identity puzzle, so securing even the most innocuous accounts with a strong, unique password is important.

Too often, when a website doesn’t deal in financial transactions or store your financial information, it can be seen as harmless by the IT people, too. That’s why it’s absolutely critical to never reuse passwords from one website to the next, regardless of the type of industry or the sensitivity of the account.

Remember, a strong password is one that contains a combination of uppercase and lowercase letters, as well as some numbers and symbols. NEVER use a word like “password” or any part of your name as your password. Once you have a strong password, it’s vital that it remains unique, meaning you do not reuse it on other websites.

Finally, it’s a good idea to change your passwords on a regular basis especially on sensitive accounts like your email or social media accounts. One good way to remember to change up passwords on your lesser important accounts is to click “forgot my password” when you go to log into accounts that you don’t use very often. Clicking the link will send you an email, which then requires you to update your password.