Passwords are essential. Protecting them is essential, too. Find out why you shouldn’t share them with others, and learn how to create passwords that will keep you and your data safer.
Password Sharing is Risky Business
Think about all the online accounts you have that include your personal or financial data. Whether it’s your favorite streaming service, an online store account, or a credit card site, each of these places include information you want to keep private. The entrances to these places are the passwords you use, which makes password security vitally important to staying safe online. Your passwords carry significant value to cybercriminals, which is why they’re constantly trying to figure them out. Here are seven tips to protect your passwords and keep your accounts safe and secure.
Create unique “tough to crack” passwords
Avoid words containing personal information – Names of your pets or family members, and numbers like addresses, phone numbers, or birthdays might be publicly accessible from forms you’ve filled out or posts you’ve made on your social media accounts. These are easy targets for hackers.
Incorporate symbols and numbers – Combine special characters with numbers and both upper and lowercase letters to ramp up the complexity of your password.
Create a complex and unique password using a secret code from a favorite phrase – Think of a line of movie dialogue, a song lyric, or a quote you like and convert it into a password, using the first letter from each word and also substituting some of the letters with numbers or special characters. For example, you could take the movie quote, “Fasten your seat belt, it’s going to be a bumpy night” and make the password, “Fy$BiG2b@bN.”
Password length – the longer the better – The longer your password, the harder it’ll be to crack. Good passwords are at least eight characters long, but strong passwords use ten or more characters.
Use different passwords for different accounts
If you use the same password for multiple accounts and hackers are able to acquire your password, they’ll be able to access all those accounts. Many sites and apps now provide a password generator when you create a new account that randomly creates a strong password.
Secure hard copies to keep your passwords safe
If you create a document containing a list of all your passwords, either hand write it or save it on a computer not connected to the outside world and keep the hard copy in a safe or locked cabinet. Leaving your piece of paper or sticky note with all your passwords right next to your computer makes it too easy for a family member or nosey team members to access your information.
Change passwords regularly
A good rule of thumb is to change passwords for accounts you access regularly at least once a quarter. Mark your calendar so you’ll know when it’s time to make changes.
Consider alternatives to creating your own passwords
There are other password protection options available if you prefer not to have to come up with your own passwords. Here are two:
Use a password manager – A password manager, or password vault, is a software application that generates unique, hard passwords and fills them in for you on your selected accounts. There are many password manager programs available, but here are a few examples: 1password, LastPass, Dashlane.
If available, use a “Bio” method – Many devices give you the option of using your fingerprint or face ID to log you in, and nothing is more unique than that.
Share passwords only with people you trust (and establish ground rules)
Think of your password like your social security number. Who would you feel comfortable sharing that with?
If you do share your password, consider doing it via a password manager with “limited” rights to keep the password safe – the password will remain encrypted and no one else will be able to see the actual password text.
Before sharing passwords, make sure you and the people you’re going to share them with are on the same page about digital privacy and any further sharing.
If you’re planning to share your password with someone else so they can gain access to your streaming service account, like Netflix, Disney+, or Amazon Prime, first read the terms of service you agreed to and make sure you’re not breaking any rules. Plus, be aware that sharing passwords may put your own viewing access at risk since some services limit the number of devices and simultaneous streams. And remember: all streaming services know when unauthorized password sharing occurs. They can tell, for example, when users sign in to the same account from different IP addresses or locations and also what types of devices are being used.
Be wary of typing passwords on devices or networks you don’t control
Keep in mind that when you enter your password on another person’s computer, it could be stored without your knowledge.
When using devices on public Wi-Fi, avoid visiting websites that require you to log into your account. Your unencrypted data is vulnerable in unsecured public networks and could be intercepted by a nearby hacker.
Many services today employ two-factor authentication, requiring two sources to allow access to their sites: a password and another trusted source, such as a mobile phone number. This is a good thing – even if a hacker discovers your password, they won’t have access to your other source. If you use one of these services, make sure to add an additional (third) backup source to the account, such as a second phone number or an email address so if, say, your phone gets lost, you’ll still be able to access the service.
Bottom line: Create strong and different passwords for each of your accounts, protect your passwords like you would your social security number, and avoid sharing passwords. If you are planning to share a password for an account, only share it with a trusted source and review the service agreement first to make sure you won’t be breaking it.
On the Horizon: Passkeys
Support for passkeys is expected to be introduced by Apple and Google in 2022. Passkeys will replace passwords with a biometric check – a fingerprint check or facial recognition, for example – linked to digital data on your phone or PC. A passkey you set up for an app or site will be stored on the device you used to set it up. Services like Apple’s iCloud Keychain or Google’s Chrome password manager will be able to synchronize passkeys across your devices. But you won’t be able to access an account secured by passkey from a device that isn’t yours, like a public device or friend’s device, unless you also have your own device handy.
Keep Your Passwords Private
Login information out of your hands is out of your control. If the wrong people get it, they have access to any personal information in your profile. And if you use the same username and password for multiple sites and services, those accounts will be vulnerable, too.
The more people who know your username and passwords, the greater the risk.
Interested in learning more?
Test your knowledge with our password sharing quiz.
Out of Hands, Out of Control – Watch Video
We have keys to our homes. Our Cars. Safe deposit boxes. Keys let us in and keep others out.
Passwords are digital keys. They protect what is ours. Things we’ve paid for. Our sensitive information.
To share your password is to lose control of your keys. They may be passed around. Or copied. Or sold online.
The point is, you don’t know. Protect your keys. Protect what’s yours. Don’t share passwords.
Access to Personal Information – Watch Video
When you create an online account, you provide personal information. Often financial. A credit card number.
And you trust that it’s kept secret and secure. Because you don’t want your information falling into the wrong hands.
When you share a password, you voluntarily expose your personal information. To whoever you share it with.
And whoever they share with. Friend or foe.
Protect yourself. Don’t share passwords.
Passwords & Personal Info Can Be Sold – Watch Video
Account information is valuable. Usernames. Email addresses. Passwords.
In demand on the internet’s black market.
It’s our job to protect our accounts. To safeguard our personal data; our financial information. To use effective cybersecurity.
Sharing passwords puts account information at risk. Expands the circle of people with access. Makes our accounts more vulnerable.
Keep your information off the black market. Protect yourself. Don’t share passwords.
Reused Passwords – Watch Video
We know it’s a bad idea to use the same password for multiple accounts.
If one password is stolen, they all are. If one account is compromised, they all are.
We know it’s a bad idea but many of us still do it. Which makes it even more important not to share passwords and login credentials.
Because if you reuse passwords, you’re not just sharing the one to this account. You’re also sharing the one to that account.
Which gives more access than you intend. And creates risk that you want to avoid.
Protect your accounts. Protect your information. Don’t share passwords.