Apple’s new Passwords app is only as secure as your device since it can be accessed using your phone’s passcode. If you have an easy-to-guess passcode,
You may be hearing about password sharing more often these days as Netflix cracks down on users sharing logins with anyone outside their household. The new rule has been met with strong opposition by those who share streaming logins with friends and family. For many, password sharing has become the norm when it comes to streaming services.
Password sharing refers to the act of sharing login credentials with other people so they also have access to your account. At times, it may be necessary for people to share passwords with friends, family and colleagues, but, there is a right and wrong way to do it. Unsafely sharing passwords can place your streaming and online accounts at risk of becoming compromised.
Let’s explore some of the reasons why people share their passwords, the risks of sharing them insecurely and what you can do to share passwords without placing your accounts at risk.
Why Do People Share Their Passwords?
There are many reasons why someone would choose to share their passwords, including but not limited to:
- Saving money on subscriptions such as Amazon Prime
- Sharing access to streaming services with friends and family
- Providing access to financial accounts in case of an emergency
Sharing passwords in your personal life
In your personal life, your may choose to share certain passwords with your friends and family so they have access to your accounts in case of an emergency. Another reason would be to share access to a streaming service like Netflix, Hulu, Prime Video or HBOMax. When it comes to sharing passwords for streaming services, the main reason for doing this is to save money. Instead of multiple people having to pay for their own subscriptions, only one person would have to pay and everyone would just have free access to it. This often happens for other subscription services such as Amazon Prime as well.
It’s also common for people to share Wi-Fi passwords with guests when they visit. While this may seem like it’s no big deal, it poses a serious problem, because it opens up your network to all kinds of threats such as malware infection, which can spread through the other devices connected to your Wi-Fi network.
Sharing passwords at work
Many employees have to share passwords for social media or other company accounts. While it may be necessary for employees to share passwords with colleagues or contractors so they can do their jobs, they do not always do so securely. Insecure sharing methods can place company accounts at risk of compromise.
Insecure password sharing also increases the risk of former employees retaining access to company accounts, which may contain sensitive information. Without a secure way to share passwords, companies are vulnerable to account takeover attacks and breaches.
How People Tend to Share Passwords
Here are a few of the ways people tend to share passwords.
- Through text messages or messaging apps such as Slack
- Through social media direct messages
- Through emails
- Writing them down on paper and giving it to the other person
- Placing them in Excel spreadsheets or Word documents
The Risks of Password Sharing
Sharing passwords through unencrypted methods puts accounts at risk of being compromised, and any financial or other personal data at risk of being used for malicious purposes.
Here are a few of the risks of insecurely sharing passwords.
Leads to more than one compromised account
Depending on the password practices of those who use an account, more than one account can become compromised. Many people find it challenging to create strong and unique passwords for all of their accounts, which results in reusing passwords or using variations of the same password across multiple accounts.
Reusing passwords is not uncommon, especially for those who do not use a password manager. Keeper Security’s US Password Practices Report found that 56% of respondents reuse passwords across multiple accounts and, on average, respondents use the same password for four different sites and apps.
If you have a shared password that ends up in the wrong hands and you are someone who reuses passwords, you’re putting multiple accounts at risk of compromise, rather than just one.
Easier to fall for social engineering scams
Social engineering is a serious cybersecurity threat facing both businesses and individuals. Social engineering uses psychological manipulation to convince victims to reveal private information.
Let’s say a cybercriminal pretends to be your family member and tells you they’ve forgotten the password to Amazon Prime. If your family shares access to the account, you’d give the password to them right away without second-guessing yourself. If your family has no other choice than to send passwords through insecure channels like a phone call or text, your password would easily fall into the hands of the bad actor.
Fortunately, there is a way to share passwords securely and protect against these types of cyber attacks.
How to Share Passwords Securely
The best way to share passwords securely is by using a password manager. A password manager is a cybersecurity solution that aids users in generating, storing and sharing passwords. Depending on the password manager, the options to share passwords may vary. Some password managers offer one-time sharing, so account credentials are only provided for a set amount of time. Once that time is up, the person who received the record will no longer be able to view it or use it to log in to the account.
In cases where family members share access to the same account and you want to provide continuous access, records can be created and shared with multiple users so they will always be able to use it. If the password is changed, the record can be updated with the new password and everyone the record is shared with will be able to access the account, despite the change.
Sharing passwords at work
Sharing passwords at work is often necessary for performing job duties. With a password manager, every employee will be able to access the records they need to complete their job without having to rely on IT or coworkers. A password manager also makes it easy for IT admins to assign permissions and enforce the Principle of Least Privilege (PoLP). PoLP is the concept that users are only given access to the information and systems they need to do their jobs – reducing the risk of insider threats and enhancing compliance.
While a password manager reduces the risk of account compromise by third parties, it’s important that you only share passwords with people you trust. Sharing your password with the wrong person can lead to lost ownership of the account – meaning you’ll have no way to access it at all. This can happen if you share a password and the person it was shared with changes the password without you knowing.
Not sure which password manager is right for you? Learn what to look for in a password manager.