You are currently viewing FAQs Answered: Why Reusing Passwords is Bad

FAQs Answered: Why Reusing Passwords is Bad

Creating accounts online is your ticket to all kinds of access. Concerts. Groceries. The wide world of Amazon. To create an account, you need two critical pieces of information: a username and password. When you’re in the moment, and you just want that access as quickly as possible, you may come up with the first password that pops into your head. Your dog’s name and birthday. Your anniversary. Your favorite food and the year you were born. The problem is, along with the desire to use passwords you’ll remember comes a major security threat. Bottom line, reusing passwords is bad—and can seriously compromise your digital identity.

A reused password is a weak password

The first reason as to why reusing passwords is bad is that a reused password is a weak password. If it’s one you’re reusing, it’s likely one that you’re apt to remember. And if it’s one that you’re apt to remember, then it’s probably not very complex.

What defines a weak password? By definition, it’s a password that is easily detectable by humans and computers. A weak password is typically short and uses information that is easily traceable to a person, such as his or her address, children’s names, birthdate, etc. Conversely, a strong password is one that consists of multiple characters including numbers, symbols and letters. Strong passwords also usually employ a mix of uppercase and lowercase letters.

Weak passwords are easier for hackers and hacking technology to identify, granting them easier access to your private information.

A breach on one site can lead to multiple access points

The main and most obvious reason why reusing passwords is bad: once hackers have identified one password, it can open them up to every single other account of yours where that password is being used. Especially if you are using a password on a site that does not encrypt passwords, that password (if reused) is vulnerable.

Hackers know that people reuse passwords, so once they have a password nailed down on one of your accounts, they’ll use it to try other means of access.

It promotes bad cyber security habits

It’s no secret—as a whole, we’re pretty lazy. Or maybe we just want instant gratification. Either way, when it comes to logging in to what you want to log into at that moment in time, some of us tend to forget about the concept of cyber security entirely. There may be an inkling in the back of your mind that you should not reuse this password, again; however, we make excuses like, “Well this is the one I’ll remember.”

What this does is creates bad habits. According to a Google survey, 26 percent of people admitted to still using passwords that had been known to have been compromised in data breaches. Reasons for this varied, including users saying they were confused by the password reset process or they just didn’t think it was necessary to do so.

You can tell yourself this all you want, and maybe nothing will ever happen to you. But the one time it does, you’ll regret not taking cyber security more seriously. Reusing passwords is bad because it creates an apathy toward cyber security in general, which can lead to serious consequences.

What we recommend

Plain and simple–avoid reusing passwords at all costs. But what can you do? How are you supposed to remember hundreds of not just passwords—but strong ones? Here are a few suggestions:

Password managers

Password managers are a way to keep all of your multiple passwords stored in one database. All you have to do is remember the one “master password,” and there are even security keys in place to protect it in many password manager programs. Read more about our top three password manager picks.

Generated passwords

Password managers also include a function to auto-generate complex passwords on your behalf. With the click of a button, you can have a strong password generated for your Amazon account, for example. Don’t worry about remembering it—the password manager does that for you. You can set up auto-fill settings on your computer so the password will be there any time you want to log on to Amazon.

Two-factor authentication

With the help of smartphones and other devices, we can now add another level of protection to our passwords. Two-factor authentication prompts a user to verify his or her account via code from a second device when signing in to a device from a new location. There are many free two-factor authentication apps available.


With the majority of our daily activities now happening online, password security should be top of mind. Reusing passwords is bad not only because it makes your accounts more susceptible to hacking, but also because it promotes poor cyber security habits. The recommendations above should be a standard for your online activities going forward if they are not already.

At McNutt & Partners, we protect our clients using password managers and auto-generated passwords on all accounts and two-factor authentication wherever possible. We do not take your online security lightly!

McNutt & Partners is a full-service advertising and digital marketing agency. Contact us today for your marketing needs! Call 334-521-1010, or visit our contact page.

Leave a Reply