Dont Recycle Passwords

    Reusing and Recycling Passwords Reduces Their Resilience

    Recycling is a wonderful thing. It provides people with jobs, it helps the environment, and it keeps the waterways clear... So it can't be that bad to recycle your passwords... Right?

    Would you be okay with your mailbox, car, bank account, and house using the exact same key? If you answered yes, then you should really think about this some more. If you answered no, then good job on realizing why recycling passwords sounds like a terrible idea!

    Unfortunately, using the same passwords for everything is a big problem. As I say quite often, a chain is only as strong as its weakest link. With each recycling of a password, it becomes more likely to be leaked than broken. And once it’s out... well, then it’s out. A leaked password is about as useful for securing your data as an unlocked door is for keeping your house secure. Many password crackers will go through known leaked passwords before trying to randomly generate any. That is a major problem if your accounts have any valuable data on them.

    (Pro-tip: All of your accounts have valuable data on them.)

    Even if you're reusing passwords which are "really strong", you're still running the risk of a chaining breach. 

    A chaining breach occurs when someone gains access to your account on website A, which they can use to access to website B. Website B has more information like your email, name, and date of birth on it. With the info from websites A and B, they can now access email account C... With email account C they can get into bank account D...and so continues the downward spiral.

    You're going to have a bad time if you recycle passwords. 

    What you really need to do, is figure out a way to come up with strong random passwords for each account you log into. Some people use mnemonics to remember them. Other people use passphrases. The list of methods goes on.

    If you're needing a workplace solution though, then you'll want something better to protect your corporate interests. For personal use, abbreviating your favorite song may make a brilliant password, but if you're a workplace that uses song abbreviations as their password policy and everyone knows you listen to Rush for hours on end... well... it hardly takes social engineering to guess your password at that point.

    At that point your best bet would be some sort of login system that randomly generates passwords for the multitude of accounts your users need to access, then stores all those credentials in a singular secure location for ease-of-access and efficiency.

    Many companies claim to offer such solutions at a cost. AuthAnvil takes this process a step further by making a solution that is easy, affordable, and potentially profitable.

    Ready to Get Started?

    Let's Talk