On May 5th, 2017 a massive trove of 457,962,538 stolen usernames and passwords from various data breaches known as the “Anti-Public” list was uploaded onto the Internet for any criminal to use.
It might surprise you to find out that online crooks freely share and trade these password caches, or that data breaches are practically a daily occurrence.
What is troubling about the Anti-Public list specifically, is that it combines password information from multiple data breaches. Combo lists give any criminal with access to these lists the ability to see which users have the same password for all of their accounts. Even if you use a two or three different passwords, it makes breaching your accounts mere guesswork. Armed with this knowledge, any jerk can compromise the account of someone who re-uses passwords, they don’t even have to be a talented hacker.
Combo lists are compelling evidence that you should never re-use the same password for different websites.
Combo lists are compelling evidence that you should never re-use the same password for different websites. Should your password get stolen by a phishing attack, or should one website you use get breached, that password will be known to just about anyone, forever! Even if you change passwords after a data breach you might forget about another, leaving yourself open to further compromise. That’s assuming you ever find out that your password has been compromised in the first place!
Instead, try to use a unique password for every site you access. Unique passwords make it impossible for criminals to simply guess their way into your online accounts. Online crime is all about opportunity, so if your accounts present a challenge they’ll move on to the next person who re-uses their passwords.
Using one password paints a huge target on your back, the digital equivalent of advertising that you keep your house keys under the doormat.
Using one password paints a huge target on your back, the digital equivalent of advertising that you keep your house keys under the doormat.
So, if there’s one thing you need to take away from reading it’s this: Always make a unique password for every online account. Never re-use the same password.
In our next post, we talk about the advantages of using a password manager to help you create strong, unique passwords and keep track of them.
Featured image: “badpassword”, is a derivative of “Key 66/365” by massmatt, used under CC BY. “Key 66/36” is licensed under CC BY by Alex Dean Cybulski.