same password, multiple sites

philcsi
philcsi
Community Member

Obviously the use and power of 1Password are to improve the security of your password on the sites we frequent but not all sites are created equal. I would like to import about 500 username/passwords from my chrome browser stored use. (I know now it was a bad idea.)

Many of these sites are job application sites where I have given them my resume. The same resume is posted on Monster, Indeed, etc. so nothing is really confidential. To go back to all these sites to change each to a unique password, would be very difficult. (I would have to use 1Password to do this on each site for uniqueness.) Where I would like your opinion (or criticism) is the need to change these. I used the same generic password strictly for job application sites and nowhere else of value.

I see where 1Password highlights sites that use the same password. Is this a problem both theoretically or within 1Password? Is it just a matter of etiquette at this point or is this real problem?

TYIA


1Password Version: Not Provided
Extension Version: 4.7.5.90
OS Version: win 7 & 10
Sync Type: ?

Comments

  • Hi @philcsi

    The problem with password reuse is that if one site is compromised and an attacker is able to obtain your credentials from that site, they're going to try using them on every other site they see of value. If you've reused your credentials elsewhere having compromised the one site means they've effectively compromised your account on every site where you use those same credentials.

    For this particular case it may not be something you feel the need to address urgently, but I would suggest as you log in to these websites you consider generating strong unique passwords for them at that time. That is likely the approach I would take were I in your shoes. I probably wouldn't spend an entire weekend going through each and every one changing them, but the next time I logged in (whenever that might be) I'd make the change.

    My assessment changes if any one of these sites or the credentials become compromised (which Watchtower is able to warn you about). At that point it is time to burn the weekend and change them all ASAP.

    Ben

This discussion has been closed.