Many users have an extended practice that is the order of the day, and that is none other than the reuse of passwords. One of the most common passwords is the one they use in their email. This also represents a great advantage for cybercriminals when they get hold of an email, since they can access other accounts. Therefore, we are going to explain the reasons why reusing a password is as if you had nothing, and, in addition, we put at risk those of other services where you have it repeated.
Reusing a password is dangerous and can cost us dearly
The password or password is our main defense barrier that maintains the security of our accounts and prevents intruders from stealing our confidential information. For that reason, it is necessary that we create a robust key so that it is not easily hacked. However, having a strong password may not be enough to guarantee our protection. The problem comes because many users use their email password for different platforms or services.
If we do a deep reflection we will realize that our e-mail does not only contain our private conversations, it is much more than that. For example, it can be used to recover passwords for our social networks, platforms and other services. Thus, it is essential that our e-mail has a strong unique password that we do not use anywhere else .
For convenience, many users, to more easily remember a password, choose to reuse it. So when the password falls into the hands of a hacker, what is called the domino effect occurs. In this case, not only does the email account fall into the power of the cybercriminal, but also the rest of the services that have a link with it. Thus, with a little effort, the cybercriminal will take over our social media accounts and everything in their power.
Another reason to take email security more seriously is that we live in an increasingly digital world. Paper letters are tending to disappear for ecological reasons. Thus, we also receive in our e-mail sensitive information from our bank or other people that we want to protect.
How to create a strong password
If we want to generate a robust password or password, it must contain uppercase, lowercase, numbers and symbols such as @, & or $. To this we have to add that the recommended minimum length would be 12 characters. Another factor that can help improve security is periodically changing our passwords . We must also do it when we have suspicions that it may have fallen into the wrong hands. For example, if you have used them in a public Wi-Fi and you have not taken the appropriate measures such as using a VPN.
However, you do not have to force yourself to constantly change passwords. In companies, it has been seen that sometimes it can be harmful because not very secure or very similar passwords are created. Therefore, it should not be forgotten that regular and indiscriminate password changes can cause serious damage in the long run.
Another problem that we can also find is that our password ends up leaked on the Dark Web. By reusing a password, you not only put that password at risk, but also all the others that also use it.
Password managers and two-factor authentication to improve our security
Today we have to handle a lot of passwords. As it is not convenient to reuse a password, and we need a unique key for each account, one of the best alternatives we can adopt is to use a password manager . Some of those that we could use to give some examples are LastPass, Keepass or Passwarden.
In addition to having a strong password, one thing that can improve our security is to activate two-factor authentication in the services that allow it. Thus, in the hypothetical case that someone steals our access credentials, they would need a second step to access it. That second step usually consists of inserting a verification code that we receive from 2FA applications such as Google Authenticator or via SMS. An example might be turning on Google 2-Step Verification.
In short, the best we can do is not reuse a password, make use of a password manager and activate two-factor authentication in the accounts that allow it.