Everyone has a lot of accounts, from social networks to online banking, but we need to stop reusing the same password for every service.
In my experience, a lot of people use the same password everywhere, and when a service requires a password change or confirmation they have forgotten it. Or, when they register a new account, the password may get only a small change, for example from “Hello!123” to “Hello!1234”. This is useless, because it is like a passe-partout key that opens every door (account). If we use a different key for every account, security increases and each key can open only one door.
Using the same password (or making a small change to it) is a security problem. For example, if an account is breached using a password found in a data breach, it automatically becomes more vulnerable, especially if the leaked password and email are still the same.
Another thing is 2FA (two-factor authentication): literally nobody uses it! One of the excuses I have heard is “Too many steps”, but 2FA guarantees that even if someone knows the credentials for any reason, nobody can access the account without the token (a 6-digit code) generated via the app, SMS, telephone call or another method such as the Yubico Key.
Tokens sent via SMS and/or telephone number should not be used, because the provider’s network is not at all secure.
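To make the “Hello!123” to “Hello!1234” point concrete, here is an added example (not part of the original post) of a check that flags a new password as a trivial variant of one you already use. It assumes both passwords are available in plain text, as in a local password-manager audit or a change-password form; the function names, thresholds and sample passwords are constructed for illustration.

```python
import re

# Undo common substitutions: @/4 -> a, $/5 -> s, 0 -> o, 1/! -> i, 3 -> e, 7 -> t
LEET = str.maketrans("@4$5013!7", "aassoieit")

# Constructed sample data: passwords already in use, keyed by service.
KNOWN = {"forum": "Hello!123", "shop": "P@ssw0rd!2023"}


def base_word(password: str) -> str:
    """Lowercase, strip leading/trailing digits and symbols, undo substitutions."""
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", password.lower())
    return core.translate(LEET)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def is_trivial_variant(new: str, old: str, max_edits: int = 2) -> bool:
    """True if `new` is within a few edits of `old` or shares its base word."""
    if edit_distance(new, old) <= max_edits:
        return True
    base_new, base_old = base_word(new), base_word(old)
    # Ignore very short bases so unrelated passwords do not collide.
    return len(base_new) >= 3 and base_new == base_old


def reused_from(new: str, known: dict) -> list:
    """Return the services whose password `new` is only a small change of."""
    return [svc for svc, old in known.items() if is_trivial_variant(new, old)]


if __name__ == "__main__":
    for candidate in ("Hello!1234", "H3llo!2024", "password1", "correct-horse-battery"):
        print(candidate, "->", reused_from(candidate, KNOWN) or "looks unrelated")
```
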
Is your email, phone number or password in a data breach?
Check on haveibeenpwned, and if the result is a red banner, immediately change your password (and the email, if possible) and enable 2FA if it isn’t already enabled.
I personally suggest using a password manager like Bitwarden, open-source software that saves all your credentials encrypted and syncs them to any device via the cloud. There is a Premium service that costs only $10 every year and permits you to save files, use the 2FA in elements and more…
If you don’t like saving your passwords in the cloud, you can use KeePass, which is also open-source software. It saves everything in a database file, but you need to sync it every time you make a change if you want your passwords up to date on every device.
Using a password manager simplifies things a lot, the auto-fill helps too, and you don’t need to remember every password! But at least make a copy of your passwords and the 2FA tokens, just to have a backup.
Maybe I will write a new, more detailed post in the future.
Sorry if the post contains some errors and is not well made.