Password Managers

Weak passwords are a major privacy and security risk. Choosing a weak password can lead to account takeover, which can in turn lead to private data being leaked.

The Problem

Even with data breaches gaining increasing news coverage in recent years, many people still rely on insecure passwords. Last year, the top five passwords present in data breaches were: 123456, 123456789, picture1, password, and 12345678.

If you have been using the Internet for any amount of time, there is a good chance that a service on which you have an account has been compromised. Have I Been Pwned aggregates information from these data breaches and allows you to search by email. If you find your email address in a breach, you can assume that your password has also been compromised.

Hackers use lists of leaked passwords to attempt to gain access to sites via credential stuffing or brute forcing. If you use the same password across multiple sites and online services, all accounts using that password are vulnerable to attack. Despite all of this, approximately 50% of Internet users reuse the same password across multiple accounts.

The Solution: Use a Unique Password for Every Site

The solution to weak passwords and password reuse is to use a strong and unique password for each of your online accounts. This will make it harder for your accounts to be compromised via brute force methods and will prevent additional accounts from being breached if credentials are obtained for one site.

Install a Password Manager

In order to keep track of these passwords, you should install a password manager. A password manager allows you to generate unique passwords for each site. You secure the password manager with a strong and unique password. Once unlocked, you can access your unique logins. This allows you to remember one strong password while having unique passwords for each login. Password managers can be used in conjunction with browser extensions that allow you to auto-fill your login information for each site.
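As an added illustration (not part of the original article and not Bitwarden's code), the sketch below audits a set of logins for the two problems described above, passwords from the top-five breach list and reuse across sites, and generates a random replacement for each flagged login with Python's `secrets` module. The site names, sample passwords, symbol set and 20-character length are constructed assumptions.

```python
import secrets
import string
from collections import defaultdict

# The five most common breached passwords named earlier on this page.
TOP_BREACHED = {"123456", "123456789", "picture1", "password", "12345678"}
# Assumed character set; real sites may restrict which symbols they accept.
ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*-_=+"


def generate_password(length=20):
    """Draw each character from the OS CSPRNG; retry until all classes appear."""
    if length < 4:
        raise ValueError("length must be at least 4 to fit every character class")
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw)
                and any(not c.isalnum() for c in pw)):
            return pw


def audit(logins):
    """Return {site: [findings]} for breached-list and reused passwords."""
    sites_by_password = defaultdict(list)
    for site, password in logins.items():
        sites_by_password[password].append(site)
    findings = defaultdict(list)
    for password, sites in sites_by_password.items():
        for site in sites:
            if password in TOP_BREACHED:
                findings[site].append("top-5 breached password")
            if len(sites) > 1:
                others = sorted(s for s in sites if s != site)
                findings[site].append("reused on " + ", ".join(others))
    return dict(findings)


# Constructed sample logins (not real accounts or real credentials).
SAMPLE = {
    "mail.example": "password",
    "shop.example": "Tr0ub4dor&3",
    "forum.example": "Tr0ub4dor&3",
    "bank.example": "q7#Lw2-Vx9!eRm4+Zt8k",
}

if __name__ == "__main__":
    for site, issues in sorted(audit(SAMPLE).items()):
        print(f"{site}: {'; '.join(issues)} -> replace with {generate_password()}")
```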

Bitwarden

The best overall password manager is Bitwarden. Bitwarden is a multi-platform password manager that has desktop apps for Windows, Mac, and Linux, extensions for most popular web browsers, and mobile apps for iOS and Android. You are able to sync your password vault across these different devices, making it easy to access your passwords no matter what device you are on.

Bitwarden is open source software that uses end-to-end encryption. This means that nobody at Bitwarden can access your passwords. Additionally, Bitwarden has undergone third-party audits to identify and fix potential security issues.

Bitwarden has a free plan as well as paid plans. For securing passwords, the free plan will work for most users.

Setting Up Bitwarden

The following documentation will help you get set up with Bitwarden: