Passwords. How many times have you been told not to use the same passwords?
Well, it’s true. Password reuse is a easy way for an attacker to attempt to access your account(s). You see, there have been hundreds of data breeches where user names and passwords were leaked to the internet or dark web. Now let’s say you use the login like email@example.com and the password of john on yahoo.com and this gets breeched. Now an attacker gets the user name and password and starts trying google.com, mail.com, facebook.com, twitter.com. If you reuse your password (and user name). It’s only a matter of time before they get access to your accounts. Even just the password will yield success to the determined attacker.
So, use different passwords, use complex passwords. There are word lists (small, medium, large, etc) out there guessing simple passwords too. Attackers can run scripts (mini programs) that can go through these really, really fast. I can even do this.
Another form of protection is a Two Factor Authentication (2FA/Multi Factor Authentication (MFA). It’s where you have to use your phone or token to gain access to your accounts in addition to your user name and password. This way, in a perfect world, if an attacker gets your user name and password, they should not get access to your account unless they possess your 2FA/MFA.
Hate creating unique passwords? Most password managers can do this in one or two clicks – and they store the password and also verify you are typing the correct web address too.
So, use MFA/2FA.
Use a password manager
Don’t reuse passwords.