Pssst...Here's why you shouldn't use the same password for everything

Using the same password for all of your accounts is like having one key that unlocks every door in your life.  It would be extremely unwise for a person to just rely on one key to unlock the doors to their home, their car, their office and their safety deposit box, because if that key were to get lost, it would simultaneously create multiple high-risk situations that need to be addressed quickly.

The same principle applies for when you reuse the same password for your e-mail, your bank account, your social networking sites, and your Manchester University account.  If you use the same login credentials across websites, apps and forums, then it won't take long for a savvy hacker to identify multiple places they can use your stolen password.

A different concern when reusing passwords is that a site with strong login security (e.g. your bank) might have its extra security measures rendered useless if you use the same login information on a web site with weaker security (e.g. a fantasy sports site or a cooking site).  A hacker who has compromised the weaker site now has the correct credentials for your bank's web site.  When you share login information across the internet, even the best protected web sites become only as secure as the weakest site that uses the same login information.

Therefore, it is crucial to use different passwords for different types of accounts.  This doesn't mean every single account you have online needs its own password.  You can reuse a password on web sites that can't cause you any harm.  However, if a web site is storing personal information, especially credit card or financial information, then it needs to have its own unique password, even better would be to enable two-factor authentication.

If you have any of the following types of accounts, you should use unique, strong passwords, and enable two factor authentication, for each:

• Your e-mail account
• Your university accounts
• Online bank and other financial accounts
• Your social networking accounts
• Any account that stores personal data about you (home address, financial information, etc)
• Any account that someone could post information in your name that would be damaging to your reputation