Tip #12: Securing External Accounts: Unique Passwords

Of all the Stupid Simple Security Tips that I will ever give you, perhaps none is as simple – or as stupid to ignore – as: ALWAYS USE UNIQUE PASSWORDS.

Like brushing your teeth, filling your tank, or saving up money for retirement, proper management of passwords can feel like thankless drudgery that’s easy to skip…but proves disastrous once negligence comes due.

Luckily, there are now tools that will automatically diversify your passwords AND keep track of them across your entire array of devices…this critical measure couldn’t be easier. You’ll still need to brush your teeth.

To drive home this tip’s importance, let’s take a quick look at why it’s critical to compartmentalize account access.

Homo sapiens are creatures of habit who, by default, use only a few passwords. To least tax our memories, most have a basic go-to password…perhaps a beloved pet’s name. When some website calls out our weak sauce, we reluctantly add on our spouse’s birthday. Encountering even higher security, we’re prompted to include alternate cases and symbols, so we capitalize the pet name, toss on a question mark, and feel invincible to any army of hackers. Peaches1215? forever!

We carry on, using-and-reusing these same three passwords…and then comes news of a breach.

Still, we don’t bat an eye about Netflix’s compromised data – we’re not ashamed of binging Bridgerton! Of course, the problem is that those credentials are now for sale on the Dark Web, and anywhere that you access with your email and a repeated password is now vulnerable to exploitation.

To do nothing would be tantamount to learning that your house keys had been copied all over town but failing to call up a locksmith.

So what should we do?

Rather than buying a new pet or supplementing passwords with a fresh slew of question marks tracked by an endless succession of Post-Its, get a password manager to generate and store unique keys for all your accounts.

There are several good products on the market – from subscription services to apps to browser extensions, but for over a decade I have used 1Password.

The best software will generate unique long-string passwords on demand, save them securely in the cloud for cross-platform retrieval, associate them by domain, and even auto-fill them upon verification – no memory or mess required.

After choosing a manager, immediately visit the 10 accounts you think most critical and replace your passwords. (Pretend ALL your accounts have been breached. Which 10 would stress you out the most?) Eventually, you should update the rest on a rolling basis as you access them. It’s a bit of a pain, but a one-time task that could prove invaluable in the long run.

Don’t be stupid, take this simple tip – and rest easier knowing you’re far more secure.

Please!