We use and recommend three levels of password and email address security for both personal and business use.
Level One, the most sophisticated, is for the most sensitive business, financial, identity, and personal health information. The second level is for sites and accounts that are worth protecting because they collect limited amounts of non-critical information. The third group, the most-used, least secure group is for sites that require passwords to protect them against misuse but collect no sensitive information from us. We use the least secure codes and addresses for 86% of all uses, the middle levels for 12%, and the first level for less than 2%. When used in conjunction with a high-quality VPN, the risks are minimized.
In a recent review, the least secure passwords and email addresses have been compromised more than 600 times through breeches at scores of sites. Interestingly, the majority of breaches occurred several years ago and the rate of breaches has declined substantially in recent years as many sites have improved security. Mid-level uses have had no misuse incidents or reported breaches; the same with our top-level passwords and email addresses. Obviously, using the best emails and passwords at the most secure websites pays off by securing those credentials against misuse.
In the last two years we’ve relied on 1Password to create and manage more of our passwords and none have been breached or misused. Because 1Password is so convenient to use, we’ve expanded its usage to more than 80% of our new passwords at all levels.
Originally published in our July 2024 Newsletter