Sharing and reusing passwords is one of the easiest ways hackers can gain access to your online accounts. A recent data breach at a water treatment plant in Florida — where a hacker attempted to poison the water supply — was due to the fact that the facility’s computers shared the same password for remote access.
Throughout my career in cyber security, I’ve heard some pretty wild stories about places people keep their passwords. So I asked the online community on LinkedIn and Spiceworks to share their wildest answers for the best place to store a password.
The response we received was overwhelming, with IT, information security (infosec), and cyber security professionals chiming in to share their jokes and some real-life horror stories. Our team rounded up the best answers of where to NOT store your password. Enjoy!
Here are the top 10 worst places to store a password
1. Make the password the same as your username
2. Tattoo your password, then update it frequently
3. Temporary tattoos also could work
4. Featured in the background of a video call
5. Store your password in a public directory
6. Put your password on a sticky note
7. Share your password with a friend
8. If you don’t have friends, just tell your neighbor, or your AI, your password
9. The Nigerian Prince is always a good choice
10. If all else fails, put it on your favorite mug
Terry also said that if you are using a 2FA solution that pops up a yes/no prompt on your phone, don’t respond ‘Yes’ unless you are actively trying to log in. “I have friends that are part of a red team and they are getting past 2FA prompts on a fairly frequent basis because people just approve the login,” Terry explained.
While these responses were hilarious, the reality of the situation is not: password sharing and reuse are just some of the many ways hackers can gain access to your online accounts.
The importance of using two-factor authentication (2FA) or multi-factor authentication (MFA) cannot be overstated. With multi-factor authentication turned on, a hacker will have an extremely difficult time trying to access your account with just your password.
You’re in full control of making strong and unique passwords for your online accounts. Together, we can keep your sensitive information protected by not reusing passwords… and still have a few laughs.
At Curricula, we’re on a mission to make cyber security awareness training fun. Our story-themed episodes explore security topics such as how to create strong passwords, why you shouldn’t reuse passwords, phishing, social engineering, and so much more. Check out an episode and see for yourself how fun learning with Curricula can be.