Warning on using passwords for multiple online accounts

February 21st 2018

A new survey suggests that half of Britons aged 18-25 use the same password for multiple online services, making it easy for criminals to hijack their accounts.

For information and advice on safe creation and use of passwords, click here

The survey heralds a focus on email password hygiene from Cyber Aware, the government’s online safety campaign, aimed at getting young people to understand the importance of using different passwords for different accounts … not least email.

If you use the same combination of email address and password for your email account as you do for other services and it is compromised by either a data breach or inadvertently revealing it – it makes it fast and easy for your email to be hacked too. The danger is two-fold:

  –  Anyone controlling your email account can impersonate you to commit fraud or identity theft, or both

  –  Any sensitive data you send via email can be intercepted

Of the 2,261 subjects of all ages who responded to the survey, 79% said that they had sent bank details or copies of proof of identity such as driving licences and passports via messaging systems, including email. The survey suggested that 27% used their email login credentials for other accounts, with 18-25 year-olds the most likely group to do so.

Detective Inspector Mick Dodge from the City of London Police, the lead force for economic crime, said: "Your email account is really a treasure trove of information that hackers won't hesitate to exploit. You wouldn't leave your door open for a burglar, so why give criminals an open invitation to your personal information?"

DI Dodge commented that the danger of identity theft was especially high because many people rarely delete the personal information such as bank statements, passports and other important documents, that they have emailed.

Get Safe Online wholeheartedly reinforces Cyber Aware’s recommendations that you use a strong and separate password for their email accounts, and that the names of family members, pets or sports teams should not be incorporated when choosing passwords. This is because these details can be easy to ascertain from social media profiles and posts – a favourite source of information for criminals. It also recommended that where made available, users should take advantage of 2FA (2 factor authentication) for additional security – normally done by an SMS message or automated call to the user’s nominated mobile device.

Cyber Aware Ambassador and GP Dr Hazel Wallace recommended: "When you're making a lifestyle reset it's also important to make a reset to your online health as well. Hackers can use your email to access all of your personal information by asking for a reset to your passwords for other accounts."

By Get Safe Online

Written by

In partnership with