The Risks of Using the Same Password for Everything

October 3, 2019

In today’s digital age, you can now unlock your phone with your fingerprint or facial recognition. You have two-factor identification to log in to your credit union account. And maybe you have a 40-character password with numbers, letters, capitalization, and symbols. All of these extra layers of security are great, but are your passwords really secure?

As security systems are constantly advancing, so are the “bad guys” and their tactics. In honor of National Cybersecurity Awareness Month, here are some ways to help better protect yourself from hackers.

Use different passwords for each account.
Having one password for everything seems convenient, however, it makes you more susceptible to identify theft. While you can use the same password for everything, keep in mind that most companies do not use as many security features as financial institutions or social media networks. 

Let’s say you have a Hello Fresh subscription or Home Depot account. Hackers will target more vulnerable companies and their websites to access a customer database and stored passwords. Once a hacker finds your password in one location, they will try to use it for every account linked to your email. Varying your passwords may sound tedious, but it will keep your accounts more safe and secure. 

Same thing goes for PINs.
Is your four-digit code to unlock your phone the same as your debit card PIN? This is just as bad an idea as using the same password for multiple accounts. If thieves stole your phone and wallet, they would have a one in 10,000 chance to randomly guess the number correctly. If they had five tries, they would have a one in 2,000 chance. Four-digit PINs should be as random as possible since they’re easier to guess. It’s best to avoid common combinations: 1234, 0000, 1111, your birthday, address, or the last four digits of your Social Security number.

Set up a location tracker on your digital devices.
Your phone and computer hold more information than you might realize. This includes the locations you’ve recently searched on your map app, passwords saved on your browser, and automatic sign in to your email.

If you lose your phone or laptop, you can most likely customize your settings to control the device remotely. For Apple devices, you can use the Find My app for phones, laptops, watches, and earbuds — even when they’re offline. For Android devices, you can use the Google Find My Device app or visit android.com/find. These services allow you to play a sound to locate your phone if it’s nearby (even if it’s on silent or do not disturb); secure the device by locking it and signing out of your accounts; and completely erasing all content from the device.

Cybersecurity is a top priority at MSUFCU all year long — not just in October during National Cybersecurity Awareness Month. Visit the Security Center to learn more about the ways we protect our members’ accounts.

Tags: