I agree that strong, unique passwords are essential for security. Saving passwords can be safe, but I personally prefer to keep everything compartmented. This means that if one account gets compromised, there's no way for an attacker to use that information to access my other accounts.
This is exactly why I think using a password manager is a bad idea. Even if it's well-protected and encrypted, there's always a risk of it being compromised. If that happens, all stored passwords could potentially be exposed at once. Keeping passwords separate and manually managed reduces the impact of a single breach.
I wish I could find my old article on phishing so I could contribute more to the discussion, but it seems to be lost in one of the older security newsletters.
Keep up the great work!
Hey danisoff, thanks for sharing your thoughts about passwords. Exactly! There are two concepts for keeping your account passwords safe. While good password hygiene without password managers is possible, it might not be a solution for everyone. At the end of the day, this is a personal preference. Maybe a mix between your approach and using a password manager could be a good solution. Or maybe spread your passwords among a few password manager providers? Possibilities are endless ;)
Regarding your article about phishing: is that this one? :)
- danisoff, 22 days ago, Hero
Well said! Always happy to hear from you EA_Kuba. Yes, using multiple password managers is definitely better than relying on just one. That would be a much safer compromise.
Also, thank you for finding the original post! Is it archived somewhere or is it just an old screenshot? Nonetheless, I really appreciate you taking the time to track it down. 🙂
- GawgPorkChop, 20 days ago, Rising Hotshot
Good stuff. Quick story. Until 2016 I used one password for several sites. I stopped that and use long complex ones, never duplicated since then.
Here is the fun bit. I checked my "dark web profile" on some Google service a couple of months back.
Guess what? My re-used password is still listed. It's harmless as I have changed all, or closed accounts with it over 7 years ago, but it's still there. Kind of funny, but quite a shock at first.
There is no harm in me typing the password that I used, as I would never use anything without letters, capitals, numbers, and characters (% & $ etc.) now and haven't done so since back then.
My really old password was Morrowind. Oh the innocence! Oh the stupidity. I was playing that game back in 2012 or so and used it as my normal password for everything. Kind of embarrassed, but I totally, suddenly grasped how silly I had been almost a decade ago, so I am sharing.
BTW: Nothing was ever compromised. Luck probably. Also, doing that now in 2025 without 2FA, bank accounts would be emptied. CC bill would include a Porsche 911, my identity would be gone!!
Should have added, of course I deleted, and haven't used the account (an old hotmail one) since 2016.
Pretty amazed Google picked it up. Not that it will do anyone any good - I mean bad!