Bad habits can cost you serious time and money when managing your passwords.
We all know the hassle of forgetting a password and having to reset it, but that's nothing compared to what you'll go through if your accounts are compromised because you managed your passwords poorly.
It's the age-old story of a company that uses the same password for everything, then one unimportant site gets hacked, and the attacker gains access to all of their accounts.
Luckily, building good password habits is easy with the right strategies and tools. Read on to learn about lazy password management habits and how you can fix them.
1. Don’t use the same password everywhere
It's only a matter of time before one of the websites or apps you use gets hacked or has a security lapse. See Dropbox, Adobe, and the Heartbleed bug that affected several websites.
Once a hacker gets one of your passwords, it's easy for them to try that password on countless other websites. For example, if you use the same password for Instagram as for online banking, a lapse in Instagram's security can result in an empty bank account.
Using the same password is one of the riskiest things you can do online; it's asking for trouble.
Stop using the same password! Instead, use a password management service (like TeamPassword.com) to randomly generate and store your passwords so that you have unique passwords for different services without needing to remember them all.
2. Don’t keep the same password for an eternity
Passwords, like the oil in your car, should be changed regularly. Many breaches happen during the weeks and months before an attacker acts on the data they've captured. If you update your password, it's tough luck for the hacker.
Don't make it easy for hackers and malicious users. Change your password on a regular basis.
Set up a system that reminds you how old your passwords are. TeamPassword shows the last time you updated the password every time you use the account--shaming you every time you see "Last Updated: 5 years ago."
3. Don’t rely on your browser
Storing passwords in your browser is quick and easy, but doing so opens a can of worms for your personal and business security.
Browsers now allow you to sync your passwords, bookmarks, and more so that you can sign in from any device and access your data.
Except that if you lose your laptop or phone or forget to sign out on a public computer, your data will continue to sync between devices until you remember to sign them out manually and update your passwords.
In the meantime, you’re an easy target.
We've all seen those "Brian left his Facebook open!" posts made by someone's friend (and that's the polite version). Imagine the kind of mischief--or trouble--someone could get into with access to your bank account or company Workspace.
What if you store passwords in your browser but don’t sync? You may think you won’t need them while traveling in Morocco--until you realize you forgot to schedule your car loan payment or you get a text message about suspicious activity on that credit card you hardly use.
Use a logic management service that requires authentication to access your passwords so that you can access them everywhere (and so that your friend Jessica can't be a jerk on your social media or bank account when she borrows your computer).
TeamPassword offers a mobile app and 2FA so that you can access your passwords securely on the go.
4. Don’t share your passwords liberally
We all need to share passwords from time to time, whether you're giving the WiFi password to a guest or collaborating to update a Twitter account for a business.
The problem is sharing too many passwords. Bad habits often come in clusters, so you may use that same password on other services, exposing you to severe risks. Think of passwords like they're the keys to your house. You're not going to give that up to just anybody.
Furthermore, you will likely forget who you shared your passwords with. It might not seem like a big problem now, but let's be honest, do you want your crazy ex (or vindictive former employee) to have access to any of your online accounts?
Use a team password manager that helps you share passwords and shows you who has access. That way, adding or removing password access as needed is easy. Plus, you'll quickly know which passwords you need to change if you've parted ways with someone.
5. Don’t share your passwords via email
Email is an inherently insecure means of communication. You don't need to be Sony to be a target of an email hack. Never use email to send sensitive information. Plus, who wants to comb through old emails to find a password?
Use a password storage service with strong security practices to share that sensitive information. TeamPassword offers unlimited groups, so passwords are securely shared with only those teammates who need them.
If you have any of these bad habits, you must stop doing them now, before one of the apps you use gets hacked. Malicious hackers can steal your money, time, and even identity if you have risky password practices.
We started TeamPassword to help teams avoid these bad password habits and the losses that come with poor password management. Try it out with our free 14-day trial.