Security experts are united and clear—to protect yourself online, it is essential to use a different, strong password for each of your online accounts. Password managers were created to help implement this advice, and a number of offerings are on the market. This post explains that your protection is even greater when you use a password manager together with ManyMe, and suggests several steps for use.
For background, access to online accounts typically requires a username and password, together referred to as one’s log-in credentials. The username is often, but not always, one’s email address. When your log-in credentials are different for every site, you limit your vulnerability to “credential re-use attacks,” in which hackers use credentials stolen from one of your accounts in hopes of gaining access to your other accounts, too. This common tactic is also known as a “credential stuffing” or “spray and pray” attack.
To maximize your online protection and reduce your risk, ManyMe recommends three simple steps:
First, create “double strength” log-in credentials by using a different password and a different email address for each of your online accounts. This practice makes it even harder for an attacker to crack your credentials, and reduces your exposure to credential re-use attacks.
For added security for sensitive accounts, particularly financial and medical sites, ManyMe encourages you to use a more difficult-to-guess ManyMe address. For your bank, for example, you might use an address like username.mybank-37&4@manyme.com. Using a more complicated label—the “.mybank-37&4” portion of the address — makes it even harder for a hacker to use brute force methods to compromise the email address portion of your login credentials. No matter how complicated the address, both ManyMe and the password manager will remember it for you.
Second, for sites that don’t use your email address as your username, visit your account profile and provide a unique ManyMe address for all account correspondence. This is important to do because ManyMe addresses can help you identify fraudulent senders. For example, if a sender purporting to be your bank sends an email to you at username.jetblue@manyme.com or any other inappropriate address, the sender is obviously an impostor, the message should be deleted, and the sender blocked.
Third, give your password manager vendor a unique ManyMe address for reaching you—a more complicated address is advisable, given the hyper-sensitivity of your password account.
Of course, ManyMe gives you added protection even if you don’t use a password manager. Studies estimate that less than a quarter of online Americans use password managers, and that roughly one-half of people reuse passwords (which we strongly discourage). While a different email address isn’t quite the same as a different password, the routine use of ManyMe will by itself make sure that your log-in credentials always differ from account to account.
To summarize, for added safety always use a different ManyMe address for every online account registration. While there aren’t any true “knock-out punches” in the world of cybersecurity, ManyMe and password managers give you a powerful “combination punch” for stronger protection. And remember, ManyMe has the added advantages of protecting the privacy of your primary email account and delivering unmatched control of your email inbox.
It’s too easy not to do it! Start making ManyMe a habit!