7 Common Password Security Mistakes and How to Avoid Them
As you may know, password security mistakes are a lot easier to make than they are to fix. Once an unauthorized user breaks into your account, they can do pretty much whatever they want in your name.
For instance, they can look up even more of your sensitive information in your account settings. They can also use your hacked account/stolen information to make purchases with your saved credit cards.
Plus, if it’s a professional cybercriminal who’s doing this, it can happen very fast. By the time you find out about it, it may be too late to repair the damage they’ve done.
Fortunately, preventing this scenario is far easier than recovering from it. You just need to follow a few simple password protection rules. And we’re going to teach them to you.
Below, we list the 7 most common password security mistakes and what you can do to avoid them. Follow these tips to keep your online accounts, and your identity, protected.
1. Easy-to-Guess Passwords
Using weak (easy-to-guess) passwords is the most common password security mistake. And it’s no mystery why.
We all have so many online accounts that it’s hard to keep track of them all. Memorizing a unique, complicated password for each account would be nearly impossible.
So, we create one easy-to-remember password that we use for every account. The problem is, if it’s easy for you to remember, then it’s easy for someone else to guess.
It’s a catch-22. We know we should use strong passwords. But if we do, we can’t remember how to get into our accounts.
What you may not know is that you don’t need to remember your passwords. Just use a password management app instead.
These apps keep track of all your passwords for you in the most secure way possible. This way, you can use strong passwords and let the app remember them. Do some research to find the best password manager app for Mac systems, or whatever device you use.
2. Reusing the Same Password/User ID Combo
As mentioned above, we often use a single password, or variations of it, for most/all online accounts. Thus, if just one of our passwords is discovered, all of them are. This is an even bigger problem when you reuse the same password/username combination.
Again, this mistake is solved by using a password manager app.
3. Saving Your Login Info
Saving your login information is another mistake people make when they don’t use a password manager. For instance, let’s say that you use a unique password that no one could guess for each of your accounts. But then, to avoid forgetting these passwords, you check the “remember me” or “save my login information” box on every login screen.
Checking that box renders your “strong” passwords completely useless. For anyone using your device, it bypasses the login process altogether, essentially unlocking the door to your account.
Thus, identity thieves and cybercriminals don’t even need to “break into” your account. They merely need to borrow your phone or use your computer while you’re not looking. Then, they can just look through your browser history to find all the accounts you’ve left wide open for them.
Sorry to sound like a broken record here. But this problem is also solved by using password managers.
4. Telling Everyone Your Password
Maybe you’re a very trusting person and you let people borrow your passwords. For example, you might have friends with whom you play various online games. Sometimes, you might allow them to log into your game account to perform some action on your behalf.
There are so many potential security risks inherent in this scenario. To name a few:
- You tell your friend your login info in an open chat that anyone could read
- Someone hacked your friend’s account and is posing as them to get your information
- Your “friend” is actually a deceptive cybercriminal
- Your friend is even less careful with your password than you are
- Your friend shares your password with his/her friends, who share it with their friends
And this example is merely one of the ways you might purposely share your login info with someone. There are many others, too. But the point is, never entrust your login info to anyone but yourself.
5. Leaving Your Password List Out in the Open
Alternatively, you may share your password with others accidentally. The most common example is leaving a Post-it next to your office computer that lists all of your passwords.
Storing passwords on your smartphone is a little bit safer since you can lock your phone securely. But someone might still guess your phone password or take your phone right after you’ve unlocked it. It’s still better to use a password manager.
6. Improper Response to Attempted Hacks
Anytime you receive a (legitimate) notification that someone you don’t know tried to access your account, always change your password. The unauthorized user may have been unsuccessful this time. But their next guess might be correct.
7. Falling For Phishing Scams
Speaking of account notifications, not all of them are legitimate. For example, you may receive an official-looking email that appears to be from PayPal.
It reads something like, “We have detected a login attempt from an unauthorized user. To protect your account, click here to change your password.”
Unfortunately, these notifications are often from scammers. The link will take you to a fake version of the PayPal website. There, the scammer hopes to trick you into revealing your PayPal login information so they can hack your account.
Always make sure a notification is legitimate before you click any links. For instance, make sure the sender’s email address is official (“firstname.lastname@example.org” instead of “email@example.com”). Beware of “official” emails that address you as a “customer” instead of your actual name.
Better yet, don’t click links in your emails at all. Instead, open your browser, go to the official site of your account, and check your account from there.
Avoid These Password Security Mistakes
Don’t let a simple mistake turn into several enormous problems. Remember these tips and use them to avoid these common password security mistakes.