Why you should use different passwords

Using the same password for all of your accounts is like having one key that unlocks every door in your life. It would be extremely unwise for a person to just rely on one key to unlock the doors to their home, their car, their office and their safety deposit box, because if that key were to get lost, it would simultaneously create multiple high-risk situations that need to be addressed quickly.

The same principle applies for when people reuse the same password for their personal email, their bank account, their credit cards, and their Auburn University accounts. If you use the same login credentials across the Internet, then it won't take long for a savvy hacker to identify multiple places they can use your stolen password.

A different concern when reusing passwords is that a site with strong login security (e.g. your bank) might have its extra security measures rendered useless if you use the same login information on a website with weaker security. A hacker who has compromised the weaker site now has the correct credentials for your bank's website. When you share login information on multiple websites, even the best protected websites become only as secure as the weakest site that uses the same login information

Therefore, it is crucial to use different passwords for different types of accounts. This doesn't mean every single account you have online needs its own password. You can reuse a password on websites that can't cause you any harm. But if a website is storing personal information, especially credit card or financial information, then it needs to have its own unique password. In addition, if you have any of the following types of accounts, you should use unique, strong passwords, for each:

  • Your personal email account
  • Your Auburn University account
  • Online bank account
  • Online credit card account
  • Online tax preparation accounts
  • Your social media accounts
  • Any account that stores personal data about you (home address, financial information, etc)
  • Any account that someone could post information in your name that would be damaging to your reputation (e.g. LinkedIn, Facebook, Twitter)

Content source

Last Updated: August 23, 2016