Speak To Our Team

Uncovering All the Places Your Passwords are Hiding (and vulnerable) 

by Joinesty, on Aug 18, 2017 2:48:00 PM

You may not remember storing your passwords in these 9 locations — and hackers who know where to look hope you never do.


In the wilderness of the internet, there are lions and there are gazelles.

Lions are predatory hackers scouring dark web forums for the latest data breaches and password-unlocking tools. Gazelles try to stay one step ahead of them.

You want to be a smart gazelle.

And that means constantly updating your passwords and storing them securely.

But let’s be honest: Do you even know how many passwords you even have? Or all the places currently storing your credentials right now?

Most of us rely on our browser’s autofill feature to save and fill in our passwords when logging into our online accounts.

But your browser isn’t the only place your passwords are hanging out unprotected in the digital savannah.

Since ignorance is not bliss when it comes to managing your credentials, you have to locate all your logins currently floating around cyberspace and stop them from becoming easy prey.

Because When One Password is Compromised, Chances are Several (More Serious Breaches) Will Follow After It

Hackers don’t want to alert your bank or credit monitoring agency to their activity. On average, hackers usually stay hidden on a network for over 140 days!

Said hacker will be prowling around looking for vulnerabilities and stealing sensitive data like your passwords and personal information. And you won’t even know until it’s too late.

So if the places storing your pitifully basic passwords aren’t also protecting them, your credentials are sitting ducks to seasoned hunters.

Once a hacker scores the password you use for your burrito deliveries, they’ll try to use it to unlock more financially rewarding accounts, like your credit cards or online trading platform.

Stop storing your passwords in these unsafe locations and you’ll be a step ahead of the pack.

The 9 Most Commonly Overlooked Places Your Usernames and Passwords are Hiding

Once you find all your online credentials, clean these caches out, update your old-yet-still current passwords, and make it harder for hackers to steal your logins from:

1. Your Computer, Laptop, and Mobile Devices

When a program, website, or wireless network asks to store your password, that information is ultimately saved on your computer or laptop’s hard drive.

The next time you’re asked to login to that account, your hard drive will automatically enter the data when prompted for your username and password.

Both Windows and iOS devices have options to save your passwords under their User Accounts and Keychain Access tabs, respectively.

Here you’ll be able to view, edit, and manage how many of your passwords you want saved physically like this. Try to aim for zero.

See, whenever someone has access to your computer, they’ll also be logged into all your accounts when you save them this way. There’s hardly any identification required to have full access to all your passwords.

Plus, if a security flaw is uncovered, your computer will be wide open to hackers until a patch and update are issued and installed.

This happens all the time with internet browsers.

2. Your Internet Browsers (Chrome, Firefox, Safari, etc.)

Most people depend on the built-in password-saving features of their browsers. After all, when you need an online login, what better place to have your passwords stored than in the very app you need them?

Unfortunately, most browsers don’t securely store your data as well as you’d expect them to. Their version of encryption is about as helpful as giving you a set of arm floaties when you’re surrounded by sharks.

Similar to storing passwords on your computer, anyone who wants to check their email or update their Twitter from your device, like your roommates or co-worker, will automatically be logged in to your accounts.

Additionally, that user will also be allowed to view all the stored passwords on your internet browser. Since browsers don’t ask for identification, any user will have access to the list of usernames and passwords you save here.

To find these, head to your browser’s settings, preferences, or options. Look for choices such as Show Passwords or Saved Passwords. Prepare to be amazed by the number of accounts you find.

3. Your Mobile Apps

Not having to remember and type in your login credentials when you’re paying bills from your phone makes life so much easier. 

But storing your passwords here is a major gamble.

Mobile app security flaws are discovered faster than developers can patch these scary holes. You never know when your passwords will be part of the next hacker attack you didn’t even hear about.

4. Your Favorite Social Media Sites

Saving your social media credentials makes for effortless selfie updates, but social media sites aren’t known for their strong passwords.

Troy Hunt, the creator of the Have I Been Pwned website that lets you find out if your online accounts have been compromised, says website operators are:

Faced with this paradox of security versus usability. If they enforced a minimum of 30 characters [for passwords] they'd be enormously secure... and have no customers.

“They're forced to dumb down requirements in order to make the system appealing to the vast majority of people who don't use password managers."

So on top of having poor passwords, people often forget to update their social media passwords, as:

  • 50% haven’t changed their social network passwords in over a year
  • 20% have never changed their social network passwords (ever!)

Almost every social media site, from LinkedIn to Facebook and Tumblr, has experienced their fair share of data breaches.

Sometimes these leaks aren’t publicized, leaving your email address, usernames, and passwords vulnerable. And if you’re reusing passwords, you know what that means for your other accounts.

5. Every Website You Create an Account With

How many times have you signed up for an online account just to earn a discount or free shipping or gain access to exclusive content?

Your personal login information for all these sites is out there like a trail of breadcrumbs leading right back to you in the event of a data breach, hacking attack, or security leak.

Many of the online systems in place are still unable to handle all of today’s digital threats. According to a recent Citrix report:

  • 70% of businesses say some of their existing security solutions are outdated and inadequate
  • 98% of businesses will spend over a million dollars in 2017 just to guard against cybersecurity threats

Hackers can read everyone’s credentials without lifting a finger or breaking a sweat when there’s a major data breach.

Giants like Apple, Amazon, and Target have all been compromised by hackers in the world's biggest data breaches. No site is immune so you can’t trust any of them.

6. Your External Devices (like printers, routers, wifi hotspots, etc.)

As George Webster writes for HP, “An increasing number of businesses are being hacked through the unsuspecting printer in the corner of the office.”

Webster confirms that in many cases, printers and multifunction printers (MFPs) may be the weakest ‘known’ links in the security of a company’s IT operations right now.

That’s because anything connected to your network stores the password to said network.

Router passwords are considered one of the easiest to crack for newbie hackers using automated encryption hacking software. Most people still use the default password printed on their router or modem itself!

When hackers gain access to your wireless router or network, they can:

  • See all the files and passwords stored on your computer, laptop, mobile devices, etc. connected to the network
  • Watch all the websites you visit and copy your usernames, passwords, and other private login credentials
  • Read all your emails and prompt and intercept password resets
  • Control your computer’s webcam
  • Spread a virus or install malware to steal your passwords

Limit how many of these devices store your password and you’ll be safer. And always download the latest updates for these devices so your passwords are never exposed in a security hole.

7. Spreadsheets, Docs, and Cloud Storage

It’s outdated and unsafe to store your usernames and passwords in a Excel spreadsheet or a Google Doc yet 24% of adults prefer keeping track of their credentials this way.

All it takes is the right remote hacker or untrustworthy user on your computer to crawl over the files and steal an organized list of every username and password you’ve ever created.

That’s helpful of you for hackers, but not smart for your password safety.

8. Your Text Messages and Emails (and those of all your recipients)

When your friends or family members come over, they probably want the wifi password before a drink. So do you text it or email it to them?

Chances are you’ve shared a few passwords, as 41% of adults say they’ve shared an online password with a friend or family member at least once.

But when you share your password, do you change it afterwards?

If you don’t, your passwords aren’t only sitting in your text messages or email inbox (which aren’t encrypted for protection), they’re also sitting in your friend or family member’s text messages and inbox.

Do you trust that they’re taking the same password precautions you are?

If they’re signing in with your password on public computers, or writing them down in their home or cubicle, your password is no longer in your control.

9. Every Other Physical Place You Forgot About

Whether you’re more likely to write down your work logins and passwords, or you keep the password to the Netflix account visible for the babysitter, 49% of adults keep at least one password written down on a piece of paper.

By now you should already know the dangers of your password being exposed like this.

So just focus on eliminating your logins from the most popular physical locations people hide their passwords, such as their:

  • Desk and workspace area, stuck to computer monitors, hidden under keyboards, or scribbled on a random sheet of notepaper on a seemingly blank pad.
  • Wireless router, which usually has the default password written right on it. Change this so visitors don’t have access (like if you’re throwing a party or have a pet sitter stop by).
  • Safes for important documents like your birth certificate, passport, deed to your house, etc. Many people wrongly assume they’re also keeping their passwords “safe” here, but they rarely get updated, which is even worse.

Go through each of these 9 locations, clear out your passwords, and start over with a password manager.

The Safest Place for Your Passwords is Under the Lock and Key of a Password Manager like Joinesty

When your accounts are hacked, everything from your passwords to your social security number, address, and birthdate are exposed and vulnerable.

Everyone needs a password manager because we’re physically incapable of remembering all our complicated login credentials.

A password manager like Joinesty, on the other hand, works just as seamlessly as your browser’s autofill function, except it actually encrypts and protects all your passwords with bank-level security.

Plus, the Joinesty auto-signup finder will show you all the accounts linked to your email address so you can track down your digital footprints fast and painlessly.

Another huge bonus?

Joinesty creates a different email address for each site you sign up for. That means you’ll never have to use your personal email address for your online accounts ever again.

With a password manager in your corner, reusing passwords will also finally become a bad habit you put in your rearview mirror for good.

So let Joinesty take care of all your password protection for you.

All you have to do is start your free 14-day Joinesty trial today and see just how easy it is to take back control of your online privacy.

Topics:Password Management