Recently local people have been experiencing issues with their email accounts being compromised. While using the same password for everything is easy to remember, it can also be your digital downfall.
I consulted with Matthew Parent, a software engineer in State College, PA. He told me quite often these types of things come about from a website, such as a forum, being hacked. The hacker will then gain access to several users’ account information—including of course their email address and password to the site. It’s easy to assume the person’s login password for that site may also be for their email login.
They’ll try it, and if it works the viola—they’re in.
Not Just A Password Change…
If you notice suspicious activity or friends report odd emails from you, you might be a victim of this. Webmail such as GMail (Google Mail) is fairly good at detecting this odd behavior and will notify you at your next login. This comes with a big however…
When you’re aware your account has been hijacked, changing your password should correct everything, right? Wrong. Sometimes the attacker will change settings while in your email account, such as enabling POP and IMAP access (if your email is web-based). This allows them to use programs like Outlook to easily access your email from their home. Worse yet, some emails are set up to send a confirmation email when you change your password, so if you don’t correct THIS setting you may be unwittingly emailing them your new password to their new POP access.
Make sure to check for settings changes like this, and only change the password after you reset your security.
Matthew Parent also advised that when hackers gain access to your email via this method, it’s usually because it was easy (due to the other hacked site’s info). Once you securely reset your email password they should leave you alone in most cases.
Although it’s harder to keep track of everything, this is the big advantage to using separate passwords for various things. Uncovering one does not expose you completely. You may set it up that your email has one, social media has another, and so on.
Programs like KeePass can store all your passwords on your PC with one master password, making it easy to have as many unique passwords as you like without having to remember all of them.