7 Bad Password Habits to Break Now

It’s that time of year when everyone’s setting goals to eat better, exercise more, and get organized. As you type up to-do lists and tackle projects, take a few minutes to think about your password habits. Are you still putting your passwords at risk with the habits we’ve rounded up below? Investing in your digital security and finding tools that help you be more productive while reducing cyber security risks will pay off all year long, both in time saved and in peace of mind.

Here are 7 bad password habits you need to break now so you can set yourself up for a more secure (and productive) 2015:

1. Using the same password everywhere.

Analysts estimate that some 50% of people on the Internet are still using the same password for all of their logins. This is one of the riskiest things you can do online. With massive breaches affecting more consumer websites and services, it’s only a matter of time before one (if not more) of your online accounts gets leaked online. And with billions of credentials thought to have been leaked in 2014, it’s likely at least one of your passwords is already out there. If you use the same password across multiple websites, it only takes one website leak for someone to get access to your other online accounts, and jeopardize your identity.

2. Not having a password system.

Are you forever hitting the “forgot password” link? Especially with websites you use once a year, like Turbotax, and then forget about it the rest of the year? Without a system, it’s impossible to remember where you have accounts, how many you have on each website, and which username and password you registered with. Without a system, you’re wasting time and interrupting your workflow.

3. Never updating passwords.

When was the last time you updated the password for your email accounts? How about your online banking and other financial accounts? Or your social networking accounts? Having strong passwords is just as important as regularly changing those passwords, especially if the same password has been used on more than one account. And without a system (see above bad habit), it’s practically impossible to know when, if ever, those passwords have been updated.

4. Checking the “remember me” option.

Many websites give you the option to remember your username and password. They might also keep you logged in to the website for as long as possible. The danger here is that 1) You’ll likely forget the username and password if you have the website remember it without securely storing it elsewhere, and 2) Anyone with direct access to your computer will have no trouble getting to your accounts.

5. Storing passwords in the browser.

Storing passwords in your browser might be convenient, but it’s not enough to keep your passwords and online accounts protected. Browser password managers don’t prompt you to login by default, leaving the passwords and accounts you store exposed. Not to mention, if you ever find yourself on another computer or mobile device, and you didn’t set up automatic sync ahead of time, you’ll be left without your passwords when you really need them.

6. Sharing passwords too liberally.

At some point you’ve probably had to share a password. It could be a WiFi login with your house guests, or accounts to pay online bills with your spouse, or a login with your business partner. Whatever the case, passwords should be shared sparingly, and only with those you trust. And when the person no longer needs the password, it should be updated immediately.

7. Emailing passwords.

In the same way you should be careful about who you share the passwords with, you should also be careful about how you share those passwords. Email is unsafe and should never be used to send sensitive data, especially passwords. And if a website ever sends you your password in email, in plain text, notify them immediately and let them know it’s unacceptable. If they’re sending you your password in an email, you know they’re storing your passwords in an unsafe way, and could be jeopardizing your personal information.

The solution to bad password habits? A password manager.

Every single one of the above bad habits can be solved by getting started with a password manager like LastPass.

By remembering and filling your passwords for you, a password manager ensures you’ll never forget another password and you’ll always have the login information you need for your online accounts. A password manager also helps you generate a strong password for every account, and use a different password on each website. With features to help you share passwords, you’ll also ensure you can keep track of who has access to what and have the tools you need to easily update a password at any time.

Even if you’re already using a password manager, you might still find yourself falling back on some of the above old habits. Make a commitment to do an audit of your passwords and online accounts. Start by using the LastPass Security Challenge in the Tools menu of the LastPass browser addon to update weak or duplicate passwords.

Take action today to lock down your passwords, so you can be more productive and secure this year.


  • The-Mental-Escape says:

    I’ve had Lastpass for 6 years now, & they’ve gotten better with age. I used to have RoboForm before I came across them. People who take things for granted are the ones whining when their indentities are compromised. I’ve learned that it’s better to be cautious or on the paranoid side of things, then on the other. My passwords are works of art. I make sure they are unique, and ridiculously complex. Most are a minimum 12 characters & contain all 4 characteristics. Knowing all of that, it’d still take years to crack the code. But I’m never satisfied with the level of security, and will always change my passwords to be even more complex… When someone breaks any of my codes, I’ll give them a Gold Medal, kiss their feet, & serve them with honor & grace.