With pretty much every website and app either requiring or aggressively pushing visitors to sign up for a user account, consumers accumulate accounts very quickly. A survey by Digital Guardian found that 70% of consumers have over 10 password-protected online accounts, and 30% have “too many to count.”
Over time, the typical consumer stops using and forgets about many of those accounts. Known as “zombie accounts,” these long-forgotten logins may include free trials that you never followed up on; social media networks, blog platforms, games, and message forums that you lost interest in; stores that you no longer shop at; and apps that you used only once or twice.
It may not seem like a big deal to let zombie accounts sit quietly and gather dust, but these old logins can pose significant security risks. By the time Yahoo was breached in 2016, compromising three billion user accounts, the site had fallen out of popularity. A lot of people had long since ditched their old Yahoo email addresses, but their accounts remained open.
Zombie accounts are treasure troves for cybercriminals. Once inside, they can steal sensitive information you stored within the account, such as your home address, telephone number, and payment card information. They also have your account password, which you may have reused on other, current, and far more sensitive sites, such as your banking app or your work email.
Protect yourself from a data breach caused by a zombie account
There are several things consumers can do to protect themselves from cyberthreats caused by zombie accounts:
- Use strong, unique passwords for every online account. This prevents cybercriminals from using a stolen password from, for example, a message forum to access your online bank account.
- Use two-factor authentication (2FA) on all accounts that support it. Even if a cybercriminal manages to steal your password, they won’t be able to access the account without the second authentication factor.
- Use a password manager such as Keeper to store all of your passwords and 2FA codes in a secure digital vault that you can access from your device. With Keeper, there’s no reason not to use a strong, unique password and 2FA for every account.
Subscribe to a Dark Web monitoring solution such as Keeper’s BreachWatch™.
In addition to helping you practice better password habits, Keeper also organizes all of your online account logins in one place, simplifying the process of locating old accounts and deleting them. When a new user signs up, Keeper gives you the option of importing their existing passwords from their browsers, spreadsheet files, or text documents. Once the existing passwords are imported, Keeper analyzes them, warns the user about weak and reused passwords, and even offers to help change them. This is a great way to locate old, forgotten accounts!
For extra protection, users can subscribe to Keeper BreachWatch™, which scans Dark Web forums and notifies if any of their passwords have been compromised. This advance warning allows users to reset their passwords right away, minimizing the risk of cybercriminals using them to breach an account.