By Richard Rost 16 months ago
I to remind everyone that you should always use a different and unique password on every web site that you have an account on. I know that it can sometimes be daunting to remember all of those passwords, but it's better to be safe than sorry. You should at least use unique passwords on sites that have sensitive information, such as your bank or credit card vendor.
Here at Computer Learning Zone, for example, I personally have access to your username, email, password, address, credit card number, etc. Now, I am the only person here at my company. Nobody else can get into my secure customer database. However, you can't be sure that every other web site you're on will have the same level of integrity that mine does. If you use the same email and password on a questionable web site that you use on... say... your bank's web site, then that could be a very big risk for you.
Use a different and unique password on every site you visit - especially sites where you have given financial data (credit card numbers, etc.) If you have a hard time remembering them all, there are programs or browser extensions you can use to keep track of all of those passwords.
Me, personally, I use Google Chrome, so it does a real good job of not only storing unique passwords for every site I'm on, but it also can generate new random ones for you. I also use (what else?) an Access database to store them so I have a backup copy for important sites, in case Google fails.
Even if you trust a particular web site, they can still get hacked. Even major corporations with big IT and web security departments get hacked. How many times do you hear of a "data breach" in the news? Seems like every other month some big company is in the news because they got hacked. Another reason to use a different password on every site you visit.
Now, I do not store credit card information on my web site. When you place an order here, your credit card information is transferred almost immediately to my in-house Access database. I do that on purpose. In case my web site is hacked, the hackers won't get your secure information. The most they'll be able to do is send you an email or watch your courses. Your credit card information is safe. There is no "outside access" to my in-house Access database. Even I can't log into it from outside my office. I work from home, so it's never a problem for me. And when I go on vacation, I don't need your credit card info. I can still get my emails and such just fine from Gmail.
Because I don't have that kind of secure information on my web site, I feel that its OK to send you emails with your password in them. Again, the most someone could do if they intercepted this email is log on and watch your lessons. They can't get your credit card data. If you forget your password and use my "password recovery tool" it will send your password unencrypted in an email to you so you can log on. It's not secure, no, but again, it doesn't need to be. If someone is savvy enough to intercept your emails, the most they'll be able to do is log on and watch your lessons. I'm not worried about that.
People sometimes ask me "is it wise to send passwords by email?" Well, not for a site that is super sensitive, like your bank, but for less secure sites it's just fine. It's common procedure for many web sites to send "forgot password" requests by email, and those emails either contain the password or a link to reset your password. Same risk. If someone intercepts your password to my site, the most they'll be able to do is log on and watch your courses. I don't store credit card info on my web site. They'll get your name, email, and know that you like Microsoft Access. That's it.
Here's a scenario where using the same password on every web site you visit is a serious problem. Let's say, hypothetically, that you do use the same password everywhere. You've got the same name, email, username, and password on your bank's web site, your credit card web site, Amazon, Walmart, Microsoft, and everywhere else you frequent. You've bought flowers for mom on a different site. You frequent a couple game web sites. You get the picture. Now, you decide to set up an account on some site like PCResale.net that you've never used before. Out of habit, you use the same email, username, and password that you have on every other site on the web. Well now, guess what, Joe Owner of PCResale now knows who you are, your email, and your password. If you used your card to shop at his site, he now has your card info (so he knows what credit card company or bank you use). Plus, he now knows your password for those sites. He can cancel your cards, order new cards for you to be mailed to him, etc. He now knows how to order stuff from your Amazon account. This is why it's so important that you use a unique password everywhere. It's mostly to prevent against disreputable owners / managers / IT people at companies you already do business with, not hackers who intercept your emails.
So... again... bottom line... use a unique and different password on every web site!
Personally, I love using CashApp for online purchases. It's a debit card that you can preload with whatever you want to spend instantly from your bank account or another card. The card they send you can be turned on and off with the app, so you can control your spending. Take it out to dinner. When you get the check, turn your card on. After the waiter runs your charge thru, turn it back off. I love it. I know a lot of banks offer this service too, but CashApp makes it super easy.
OK. That's all. Use unique passwords, folks.