Neither should be reused!
Although password complexity is important, one of the biggest dangers concerning passwords is reuse. Often, a user will go to John Doe’s site, and register using his email address and the same password that he or she uses everywhere else. This is fine in theory because every legitimate website encrypts passwords, but what if the site is not legitimate? What if the website gets hacked and someone steals the user list?
Now, cyber criminals have a list of thousands of email address and password combinations many of which, are the same emails and passwords needed to access everything from online banking to Facebook profiles. No matter how random and complex a password is, it has just been compromised.
How often does this really happen you ask? It happens every day. Sony’s Playstation network has been hacked not once, but twice recently. I personally was a victim when Gawker Media’s (a news corporation) servers were hacked only a few months ago. These days it is not a matter of if, but when a particular password will be compromised.
Fortunately, all hope is not lost. The quickest way to stop the bleeding when a password has been compromised is to have used unique passwords for every website from the start. This isn’t as hard as it seems either. The Mozilla foundation, the same people who brought us the Firefox web browser, released a great video explaining how to create and remember secure passwords.
So the moral of the story? Don’t reuse your passwords. It is neither smart nor healthy.
If you have any questions, please leave a comment or send us an email.