Why using one password for everything is a bad idea

19 replies 319 views
GigaNodeSenior Member
Posts: 211 · Reputation: 1080
#1Feb 16, 2021, 11:26 PM
So, my friend's dad has been telling him to start paying bills and cover his younger brother's school fees. This guy's been living at home way too long, even though he’s old enough to get married. He thought he had everything planned out until things went sideways. I can't stop laughing about it. My buddy treats his Bitcoin like it's his lifeline, and he kept it all a secret from his family while living with them. But then, on Thursday morning, everything changed. He was just about to update his hardware wallet when his dad told him to go pump some water. They had issues with their power supply, and his dad was freaking out, insisting he do it before they lost power again. So, my friend leaves his hardware wallet on the table, and then his little brother walks in. The kid uses the same password my buddy has on his phone, and boom, the wallet unlocks. There’s 1 BTC just sitting there, and the kid screams like crazy. "Wow, brother Kunle is rich!" He had no clue all this time. I still can’t stop laughing about it. Seriously, never ever use the same password for your phone and your crypto wallet or hardware wallet.
2 Reply Quote Share
def1777Full Member
Posts: 194 · Reputation: 685
#2Feb 17, 2021, 03:19 AM
You shouldn't use the same password for everything simple because database leaks are common. Let's suppose you use a password for services A, B, C ,D, E, F and G. If database of the service A leaks, you will expose the password for all other services  B, C ,D, E, F and G as well.
1 Reply Quote Share
ryanwizardSenior Member
Posts: 334 · Reputation: 1694
#3Feb 18, 2021, 10:49 AM
We are not expected to use the same password on every portfolio we have just for security reasons, if we think we are not trying to make it possible to lose access to any of those password and decided to use the same for all, then it is more of taking risk than when we use different password and device a safety measure to save keep them, we must also understand that an online or any centralized platform is not the best ideal storage medium for keeping our password.
2 Reply Quote Share
b45edhashFull Member
Posts: 42 · Reputation: 301
#4Feb 18, 2021, 10:21 PM
He's brother can't just be quite huu?? But him using his phone password is another level of carelessness Apart from that, I do limit my siblings from going near my priorities, especially if I have such a secret, I will be harsh to them conserning mingling with my properties, and they will see it and avoid it
1 Reply Quote Share
ryanaltFull Member
Posts: 80 · Reputation: 402
#5Feb 18, 2021, 11:44 PM
Passwords must be unique and strong so using a password manager software is important for creating strong passwords as well as back them up. [GUIDE] How to Create a Strong/Secure Password. Are your passwords in the green? In the last time of forum hack, theymos wrote this as another warning on risk of weak passwords.
1 Reply Quote Share
Posts: 58 · Reputation: 247
#6Feb 19, 2021, 04:54 AM
Passwords for important accounts, especially those that may contain large savings, are better stored in a separate secure place. They should definitely be much more complex than a phone unlock password. It’s also not a good idea to keep saved passwords on your phone when logging into important accounts, because hackers could take advantage of this carelessness. And when it comes to close relatives who may have access to your devices, it’s important to make access to such accounts as difficult as possible, so there is less temptation to make decisions or actions that could later damage close relationships.
1 Reply Quote Share
pixel69Full Member
Posts: 58 · Reputation: 363
#7Feb 21, 2021, 03:33 PM
Just because of the responsibility and discipline required for making and keeping a good password, some people prefer to use a single password for every security that requires one. What makes a password unique is how strong it is and how it is secured by the user. When creating a password, it is important not to consider only our own convenience by thinking about how easy it is to remember, but it is also good to consider whether the password can easily be guessed by a stranger or anyone else.
5 Reply Quote Share
wildomegaFull Member
Posts: 114 · Reputation: 581
#8Feb 21, 2021, 07:51 PM
I think it's fine that way and besides we also have some issues before that people can't crack their passwords because of complexity and they can't remember anything or he should have keep a password manager for himself, it's much better. What's not fine is you don't discipline your siblings as if you're not the eldest that stuff of others shouldn't mess with or their parents didn't teach it. I'm doing the same but what differ is that I update it regularly, more like adding characters from the last password I used, that way I can remember it. Well, now that it is revealed I think he need to tell it plainly and calmly to his parents. It's not that bad to be responsible as long as it's fair on yourself too because after all parents should be the one responsible to pay their children's education, I hope they'll be fair too.
3 Reply Quote Share
stack2021Member
Posts: 9 · Reputation: 122
#9Feb 21, 2021, 08:05 PM
Bro, totally agree. I keep my passwords safe and complex. Even family should respect personal stuff. Better to be overly cautious than sorry later. Trust but verify!
3 Reply Quote Share
johnkingSenior Member
Posts: 298 · Reputation: 1767
#10Feb 21, 2021, 09:07 PM
People use same password for different accounts just for there own comfort, so that they don't have to memorise different passwords for different accounts. The technique can work well for you unless something bad happens with you. It's better to accept this reality in advance that using same password for different account is a serious cyber security flaw because if somebody finds your password then he can access all your accounts. Prevention is better then cure.
1 Reply Quote Share
john.cobraHero Member
Posts: 408 · Reputation: 2145
#11Feb 21, 2021, 11:47 PM
What is the hardware wallet in question? The devices that I have personally used have a PIN that needs to be entered to unlock the device, and even when you unlock the device, you need a UI with which to view the balance, and that same UI may also have a password. Honestly, it seems to me that this is just one more in a series of fabricated stories that I have read hundreds of in this board, and almost all of them come from users from the same local board.
4 Reply Quote Share
fox_wolfFull Member
Posts: 103 · Reputation: 731
#12Feb 22, 2021, 01:48 AM
Yeah, so correct. And these days, we are more connected to Google services, meaning that Google has access to our most personal information. Yesterday, when I was using Google, I randomly placed my BTT username in the Google search engine, and it literally surprised me that even Gemine knows who is snowpega. It also tells me about my BTT activities, like I recently completed the Bitcoin node challenge. Then I just went back and asked GemenAi about my personal information, and then it started to tell me about my doings, experience, and future plans. And that gave me another shock. It also tells me that it has access to my contacts. Then I did a little research and feel that i think i need to change the Google and its AI settings so that I won't be able to collect more information about me in the future. I also checked your name in the Google search engine; your profile is also indexed at the top, just like mine, but AI is not giving any further information about you. Maybe you have already restricted AI and Google from collecting your personal information. And what if Google's database gets compromise all of our information that is connected to Google will be accessed by hackers. In this case, everyone's property and assets will have a bad damage. So, I am getting more attentive in this case as well and restricting my Google settings so that it does not to collect any single piece of information about me and my actions from the next time.
3 Reply Quote Share
D4rkFalconSenior Member
Posts: 308 · Reputation: 1050
#13Feb 22, 2021, 11:09 PM
using same password for everything is not good THIS IS FOR REAL I mean in 2015-2016 is I forgot the exact year I just use the same password for everything literally everything including my bitcointalk password except my email, long story short one of website that I registered got hacked and my username and password got leaked and this account got hacked and I just recover this account on jan 2020 Now im using bitwarden and Google password (*tho I dont recommend this one ) to save my password and it turned out 245 already compromised and 505 reused password this because one single website got leaked and everything just puff gone
3 Reply Quote Share
real_byteSenior Member
Posts: 230 · Reputation: 818
#14Feb 23, 2021, 02:27 AM
Well, hopefully the user is using 2FA or another method for obtaining access to those other services. Otherwise even with different passwords, the security is lacking and could eventually become compromised. Using the same password is only one way for hackers to get easier access. And once it happens, the services are usually not held liable. So what to do? The user has to make sure their account is secured with more than just a password. It is up to us to keep ourselves, our data, our money and etc. safe. Everything else is an illusion.
4 Reply Quote Share
CalmLedgerSenior Member
Posts: 236 · Reputation: 1270
#15Feb 23, 2021, 04:47 AM
He still lucky if his brother not sell the Bitcoin I can't imagine what will happens when he come back and see his wallet then no Bitcoin there. He will stress and crazy at the time and yelling to all family. That is your phone with the wallets inside so you must responsible and pay attention to protect it. Don't use the same password with the other devices and don't tells to others. That is your secret.
4 Reply Quote Share
real_pixelSenior Member
Posts: 206 · Reputation: 1105
#16Feb 23, 2021, 05:29 AM
Aside from the password thing, why would he has kept his hardware wallet within the reach of anybody? that's also the problem that I've seen here. He should haven't put it in a place where everybody from their house knew it. That's why for all of the hardware wallet owners there, make sure that it's only you that know where you're hiding it and no one should know a thing or two about it. Because even your immediate family, you'll never know what they can do if they're desperate in need of money.
0 Reply Quote Share
yield_ninjaFull Member
Posts: 188 · Reputation: 646
#17Feb 24, 2021, 07:31 PM
There are advantage and disadvantage in having different password, what if it a an emergency situation and probably brother Kunle was incapacitated, and they needed money from his wallet for medical need as a result of an emergency, it will be easy for those of them that have the password or know his password to easily log in and make some withdrawals to help the situation.but the disadvantage part is that somebody can stumble on his wallet just the way it happened in your story, and without him knowing, they can make away with something, since they know his password. So it's a two way thing, if look at the advantage part, also have a peep on the disadvantage part.
1 Reply Quote Share
cobra2013Senior Member
Posts: 308 · Reputation: 1912
#18Feb 24, 2021, 07:38 PM
Let's just say OP sometimes confuses a PIN for a password. It's possible. Be that as it may, I guess this is the same user who also shared a story in the past that seemed to be too ridiculous to be real. If he/she weren't that person, then they're not too different from each other. OP also loves to share stories. Other than the one he/she shared today, he/she also shared he/she knew of somebody who was kidnapped and was asked to pay ransom in Bitcoin. He/she also once shared a story that his compound was raided by the authorities and his/her trusted neighbor arrested for being a Bitcoin scammer. He/she's got a lot of stories to tell.
6 Reply Quote Share
quantumninjaFull Member
Posts: 210 · Reputation: 581
#19Feb 24, 2021, 11:05 PM
It was just time for him to start living on his own (separate from his parents). For many, bitcoin may truly be their only chance to change their future. In what country did this story take place? How long has your friend owned this 1 bitcoin? If you have to postpone interacting with hardware wallet, then put it (temporarily) somewhere away from prying eyes (why leave it on the table?), because this action will take a couple of seconds. Because pumping water certainly takes more than 1-2 minutes. Why would anyone share their phone password? Nowadays, a phone is a concentrated repository of personal information. Why didn't your friend's family question his hardware wallet (availability)? What hardware wallet was it? To access the contents of a hardware wallet, it must be connected to a PC or phone.  So, your friend's brother should have known the basics of hardware wallet interaction. Did your friend leave his hardware wallet connected to other devices (which ones)? The screaming boy should have known and understood what bitcoin is and recognized it in the hardware wallet (in the interface of an app installed on another device), which he was probably seeing for the first time (is that correct?). When telling stories like these, try not to gloss over the important points I asked questions about above, as this helps us understand the essence of what is happening. Otherwise it starts to look like a poorly thought out story.
2 Reply Quote Share
greglaserFull Member
Posts: 180 · Reputation: 542
#20Feb 25, 2021, 03:44 AM
You can check your email and passwords but passwords you no longer used as it is stupid if pasting your current passwords there. https://haveibeenpwned.com/ https://haveibeenpwned.com/Passwords Google password is close source, it's not good, and let's choose open source password managers to use https://keepass.info/download.html https://proton.me/pass/download https://pwsafe.org/
1 Reply Quote Share

Related topics