Avoiding Password Reuse
Made by Stacy Martin, Senior Data Privacy Manager at Mozilla.
Examine why re-using passwords is a bad idea and pick up strategies for avoiding that habit, learning about security.
Did you know that reusing the same password is even more dangerous than writing your passwords down? It can be hard to remember multiple passwords, but there are tools that can help. Password managers help you use a different strong password on every site - and change your passwords often - without having to remember them.
Understand the Risks
Watch this short video and then brainstorm what would happen if you reuse your password and someone gets access to it. Use these questions to help you think it through:
- What could a thief do with access to just your e-mail account? Could they change your other passwords?
- What if you hid a list of your passwords in your house?
- Which is higher risk - writing your passwords down or reusing the same password? Why?
- Is someone more likely to break into your house and find the list or more likely to launch an online attack?
Understand the Scale
Watch this short (2 min) video to get a good sense of scale of password resuse
How many times have you been asked to create a password? Brainstorm a list of all the places where you use a password. Consider your screen password, e-mail account(s), website logins, other online passwords, etc. Did you know that the average user has 50 online accounts?
What if your browser could remember your username and passwords for you? Did you know that your browser (like Firefox, Chrome, Safarari, etc.) can save your usernames and passwords on your hard drive in an encrypted - or secret - format?
These password managers can automatically complete the sign-in fields for you the next time you visit each website that needs a password to log you in to it.
To learn how to use your browser's password manager, visit your browser's support page. Follow the link below that matches the browser you use most.
If you want to further safeguard your log-in passwords, you can create a "master password" for your computer. If you set a master password, no one can access your password manager with it.
Learn how and when to use a master password by following the link below that matches the browser you use most.
Third Party Password Management
Research how you can save your passwords in a 3rd party password management system such as Dashlane, KeePass, Lastpass or SplashID. These programs come from 3rd party software developers, rather than from the makers of your Web browser. You can download and install a program like this to work with your browser if you're not comfortable storing passwords with your browser's built-in password manager.
Many 3rd party password management programs are free and ratings are available. With these, your passwords are stored in a database, rather than on your hard drive. The database is locked with a master key or a key file, so you only have to remember one master password.
- Would you use a password manager or master password? Why or why not?
- Would you prefer to use a broswer's password management system or one from a 3rd party? Why?