September 23, 2016
Use Different Passwords

Why?

Do not use the same password across different systems. If one of your accounts is hacked, attackers can use that same password to compromise your other accounts.

How do they know which other accounts you have? They can use your email address, security Q&A, and other info in the compromised account. Then attempt to login to popular services with those information. Think about how many sites use your email as login ID.

Current companies being attacked

You may have heard a recently disclosed Yahoo hack affecting 500M accounts that was performed in 2014. Today, there’s report about current hacks targeting at least 85 companies including:

Amazon, American Airlines, AT&T, Best Buy, Wells Fargo, DropBox, Dunking Donuts, Ebay, GoDaddy, Uber, Match.com, McDonald’s, Office Depot, PayPal, Pizza Hut, Steam, Apple Pay, and others.

See article

How to minimize risk

  • Do not use the same password for work and personal accounts
  • If you have any accounts with the vendors mentioned above, make sure the passwords are unique and follow the suggestions below
  • Close/delete unnecessary Internet accounts
  • Utilize two-factor authentication when available
  • Use password management programs like lastpass.com, 1password.com, or other similar apps.  They allow you to conveniently and securely create complex random passwords for each account, and help you login conveniently.