A COMMON password mistake on your smartphone can have devastating consequences.
Worse still, cyber-experts say gadget users are at risk because it’s “tempting and convenient” to ignore the simple fix.
1
Passwords are one of the most popular methods of logging in to a website.
But too many Android and iPhone users are making a big mistake when it comes to their log-ins.
Speaking to The Sun, Matthew Hamilton, senior security operations center analyst at Adarma, warned against re-using your passwords.
After all, both Android and iPhone devices have built-in password managers to prevent you from needing to re-use log-ins.
“While it may seem tempting and convenient, using the same password for multiple accounts poses a significant security risk,” Matthew explained.
“Reusing passwords exposes both individuals and businesses to credential stuffing attack.
“In such attacks, hackers leverage exposed credentials to test them across various websites.
“If a few passwords grant access to multiple accounts, attackers can swiftly compromise numerous accounts with ease.”
Most read in Tech
Matthew also warned that it can become a “critical” situation when gadget users have the same passwords on their work accounts.
It means you could end up causing major trouble for your employer – and risk being fired if your accounts were hacked.
Thankfully it’s no longer necessary to remember long and unique passwords for each individual website or app.
Instead you can get a helping hand from your device.
“A far more secure solution to managing multiple passwords is to adopt a password manager,” Matthew advised.
“This powerful tool can generate and suggest alternative passwords for your various accounts, leaving you with the sole task of remembering the master password for the password manager itself.”
Apple offers a free password manager on iPhone called the iCloud Keychain.
It will suggest strong and unique passwords when you sign up to websites – and save them for when you need to log in again.
Similarly, Google provides a free manager for your passwords in its Chrome browser.
That way Android phone owners can also avoid being caught out by savvy crooks who take advantage of bad password hygiene.
Apple and Google are also both pushing a new kind of log-in technology called Passkeys.
These are rolling out now on some websites and apps, allowing you to sign up for services without needing a password at all.
Instead you verify your identity using a Passkey, which is verified using a secure system like Apple’s Face ID face-scanning tech on iPhone.
More services are expected to support Passkeys in the coming years.
