One of my newsletters had an interesting article in it today. It talked about a database of login credentials that is open and available for cybercriminals to download, if they know how to find it. They also provided an email address where you can check to see if your email is in the database.
How to See if Your Email is in The Database
Send an email to firstname.lastname@example.org with the subject line Password Exposure Check, and they will send you back an email if they find the sending email address in the database.
I did this with three of my email addresses, and two came back with one password each. They were very old passwords, I think, because I now use a scheme to make it different for every site but follows a pattern so I know what the password should be.
Never Reuse Passwords
Yes, it’s a hassle to keep track of passwords. You really should use a different password for every site because if you use the same one all the time, if one site gets compromised, it could potentially compromise any and all other accounts where you use the same password. This is especially true for email passwords. Think of all the information to be had if someone is able to log in to your email.
How to Keep Your Passwords Unique
One idea is to use a simple phrase that also includes a couple of different characters depending on the website where it’s being used. For example, you could use something like:
Hello world! 29#WE
Where WE is the first two or three letters of the name of the website. The only thing that would vary is the letters at the end (or in the middle, wherever you decide to put them). This strategy has worked well for me, though I do encounter some sites that don’t allow spaces or other weird characters, so it’s not always possible to follow the scheme for every site. But then I just remove the spaces and if that doesn’t work, I remove the special characters. And if those things don’t work, I just request a new password and then write it down in my password notebook.
Another thing I do, to vary them just a little more, is to use a different number for personal use websites (like AllRecipes.com or Facebook) versus business websites.
Stay safe out there!