Password Security

Many sites we visit ask us to create an account with them. In many cases, our email address becomes our username. There's some good reasons for this:

My recommendation is to NEVER use your email accounts password as your password for websites you register on. It may seem obvious not to do this, but many people like to use one password to keep things simple. If you like to keep only one password, you should consider having two instead one for email and one for all other websites.

The risks of using the same password for websites as your email account is that someone can easily gain access to your email. A couple of methods by which this takes place are:

  1. The website you create an account on has both your email address and its password. How trustworthy is the operator of the website?
  2. You can be tricked by clever ads or webpages or emails that look like they're legitimate which ask you to log in to your account. But instead, they collect your username and password.

With your email address and password, the damage which can be caused is great. Hackers know what websites you do business with and can change your password and email address on your accounts to lock you out and to have free reign with your account. They can use website's "forgotten password" function to reset your password. You can be locked out of your own email account which today can be an archive of years of important information. Your online identity can be taken from you and assumed by someone else.

It's best to come up with a way to balance password management with security. A two password approach is manageable and protects your most valuable resource on the Internet - your email account.