February 25, 2024

Why Change is Good; At least for Your Passwords

It almost seems that every website you visit today requires you to register for access. It’s great that the website is free, but not another registration. Oh great, another username and another password to remember.

If you’re like most people, you use the same username and password for all your website registrations and possibly even for your email accounts. Most respectable websites have privacy policies, as do most fraudulent ones. The validity of privacy statements are only as honorable as the people behind the websites.

Any dishonorable webmaster who collects usernames and passwords from his visitors could have access to any other website you have registered on or email accounts you use. There is absolutely nothing keeping a dishonorable webmaster from testing the password you provided in your registration against the email address you use.

For example, let’s say your email address is john_doe@hotmail.com. You register on Free-Acme-Widgets.com that claims they are giving away free widgets. After a few months, you realize you never received your free widget, but during that time you notice you’re having problems with your email account or totally lost access to it. Jack, who owns Free-Acme-Widgets.com could have been a dishonorable person, noticed you used john_doe@hotmail.com in your registration, went to hotmail.com and tried logging into your account with the same password you used in the registration for his website. If your password was the same, he now has access to your email account and can either read your email, use your account or steal it away from you.

So, how do you prevent this? Never, or rarely, use the same password. I use one email account for most of my website registrations and then change the email address in the account if I decide I need the emails from that particular website. I also use the same or similar password for website registrations that I could care less if someone else gets in under my account. Always keep your email and bank account passwords different than any other passwords.

A good rule to follow is; if you don’t want someone else to access that account, use a different password than what you’ve ever used on the net before.