Why Not Reuse Your Password?

Reusing the same password across multiple websites and other accounts is very tempting, I agree. However, at what cost is it worth it? Microsoft says that its identity systems detect over 4000 password attacks per second! Why so many? Because they’re wildly successful.

When you reuse your password for different logins, you’re playing with fire. Here’s how Malwarebytes Security puts it:

Bad bots do all kinds of unpleasant things. An increasing number try to hijack peoples’ online accounts, which they often do by “credential stuffing.” This is where a bot takes a password and email address that has been stolen and leaked online, and then tries those credentials across a myriad of services in the hope that its owner will have reused the password elsewhere.

True, some accounts matter less to us than others. If someone were to hack my library account, I don’t think they’d do much damage. The risk is if I happen to use the same password for my bank account. Then I’m in trouble. Commonly, many people tend to use similar passwords. Although, how hard is it for a crook to go from a password like Roverdog1 to Roverdog2, or even 3DogRover?

The safest thing we can do is come up with complicated, unique passwords for every account we own. Let your password manager randomly generate one for you. You won’t have to remember it—your browser can autofill it. Better yet, use a passkey whenever a site offers that option!