How Passwords Get Compromised

Have you ever checked on your passwords and noticed a warning that they’ve been compromised? One compromised password can put all your credentials at risk, but how does this happen?

Your passwords may be showing as compromised due to a breach, poor password practices or for other reasons. Read on to learn more about compromised passwords and how you can start better securing them.

What’s a “Compromised Password”?

A compromised password refers to a password that is unsafe because it has been exposed in a data breach and published online. Passwords can also be compromised if they are specifically targeted by a cybercriminal. Having easy-to-guess passwords can put you at risk of a social engineering technique that can guess your password or it can be obtained through a phishing email. When one of your passwords becomes compromised, it means people other than you potentially have access to your account. 

Compromised passwords are extremely dangerous, especially if you’re someone who reuses passwords or variations of the same password across multiple accounts. If one of your passwords is compromised, and you’ve reused it across multiple accounts, a cybercriminal can use that same password to get into all of those accounts.

How Your Passwords Become Compromised

There are many ways your passwords may become compromised. The following are some of them.

A company you have an account with experienced a breach

When a company experiences a breach, there is always a possibility that the breach also exposed customers’ personal information – meaning your username and/or password may have been compromised. It’s important to note that even accounts we no longer use can be a part of a breach, which is why deleting old accounts and never reusing passwords across accounts is vital to keeping your passwords safe.

You have poor password practices

Poor password practices are more common than you think. Poor password practices include, but are not limited to, the following:

• Reusing passwords across multiple accounts
• Using variations of the same passwords
• Using personal information in your passwords 
• Creating passwords with fewer than 16 characters 

When we don’t practice password hygiene, we make it easy for cybercriminals to guess our passwords, either manually or through a brute-force attack. Practicing good password hygiene means:

• Creating strong, unique passwords for each of your accounts
• Implementing multi-factor authentication on your accounts
• Storing your passwords in a secure password manager 

You don’t store your passwords properly

Many people have a hard time remembering passwords for different accounts, which can lead to saving our passwords using insecure methods, such as in a web browser’s built-in password manager, in a notes app, in a text document or spreadsheet, or on paper.

Securely storing your passwords helps prevent cybercriminals from stealing them, and the most secure way to store your passwords is by using a password manager. Keeper Password Manager stores all your passwords in a secure cloud-based vault, so you can access them whenever and wherever you need to. 

You got phished

Phishing attacks are social engineering attacks that convince a victim to disclose sensitive information through an urgent message. Phishing attacks most commonly occur through emails or text messages and contain malicious links or attachments. When clicked, the malware begins to spread and infects your device. 

Links that cybercriminals use can also be masked to look like legitimate websites. If you were to enter your login credentials into this fictitious site without knowing, your password would become compromised.

Protect Your Passwords from the Dark Web With Keeper

A comprehensive password manager like Keeper not only helps secure your passwords but also helps you monitor them in case they’re compromised during a public data breach. With the dark web monitoring add-on BreachWatch®, you will be notified immediately if one of the credentials saved in your vault appears on the dark web. This allows you to change your password immediately, making it less likely that a cybercriminal will get a chance to use it.  Keeper Password Manager makes the process of changing your password seamless. Just use Keeper’s built-in password generator to generate a new, strong, unique password and update your record.

You can also check to see which of your credentials have been found on the dark web by using Keeper’s free dark web monitoring tool. 

In our increasingly digital world, where everyone works, studies, communicates, shops and spends their leisure time online, just one compromised password can put you in a world of trouble. Help prevent that from happening by starting a free trial with Keeper today.