Old accounts best practices

Seneca
Seneca
Community Member

I'm hoping for some advice on best practices regarding old legacy accounts.

I have been using one password for many years and have accumulated a number of logins that have been dormant for a long time. Many of these do not have passwords that would be considered secure in 2018 although the would have been considered okay in 2008. Some of them have 6 to 8 characters. As I'm setting up our one password for families account, I thought it might be good to review some things including some of these legacy accounts.

I know I could attempt to log into each website and change to a more secure password, (I dread the time that it would actually take to do this) but I was just wondering if somebody has any advice about dealing with these accounts and how much of a risk they propose. There certainly not anything like brokerage or banking accounts but it is possible that they would have an old credit card that may already be expired and contact information.

Thanks in advance for any replies.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:old accounts

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Seneca: This is a fantastic topic, with different facets. You might be interested in a discussion another user started recently regarding dealing with old stuff. My suggestion there for an "archive" vault I think may be useful to you too. But the other issue is what to do with those. Ultimately only you can decide, but for me, being a bit paranoid and neurotic, I opted to use Watchtower (okay. it wasn't called that then) to go through everything methodically, prioritizing the most important accounts, or those with the weakest passwords:

    Use Watchtower to find passwords you need to change

    Granted, I had a lot less in my 1Password vault at that time, but also the "Security Audit" features we had at the time were fairly limited to what we have today. As one example, being able to see logins with known-compromised password or for websites that were breached can really help to divide and conquer. Let me know what you think!

This discussion has been closed.