By Michael McCool
Do you currently use a password manager? If not, you are probably reusing the same password or variations of the same password for every site you visit. This is a really bad idea. It’s not really a matter of if one of the sites you visit will be hacked, but when.
The site haveibeenpwned.com was created by Troy Hunt, a “white hat”, or what’s known as an ethical hacker. He has collected the various usernames and passwords which have leaked from numerous site breaches over the years. His site provides an easy way to see if your credentials have become known.
If you are wondering if your credentials have been stolen, the answer is almost certainly “yes”. So, think about it for a minute… If your credentials were stolen from a site and you use that same password on multiple sites, all of the data contained on every site is now vulnerable. By using a password manager, you can stave off reuse of passwords and provide a way for unique passwords without you needing to remember each and every password.
It doesn’t matter if you use a simple notebook to store your passwords, or an electronic password book (Keepass, 1Password, Lastpass, etc.), but you need to use one. Some may laugh at the idea of writing all the passwords in a physical notebook, but let’s look at it this way—hackers who are online looking for your passwords likely don’t have physical access to wherever you keep your password book. They try to hack into your accounts from half-way around the world. If you use unique passwords for every site, when one is breached, the data at every other site is still safe. Thieves breaking into your home are not looking for the passwords to your online accounts. They’re looking for TVs, jewelry and quick or easy ways to make money. They won’t be looking for a password book.
If you prefer to use an electronic password manager like 1Password, Lastpass, Keepass or another password manager, there are various guides that can show you the best way to use those. They show how to integrate them into your web browser so, when you visit a site, the password manager fills in your unique password for the site automatically. That’s a whole other article. Just use a password manager. You’ll be relieved when the next data breach happens and you know you’re safe.
For more on online security and password safety read here