I’m a tech expert – millions risk devastating ‘attack’ over common Android and iPhone mistake
A COMMON password error on your smartphone can be devastating.
Worse, cyber experts say gadget users are at risk because it’s “tempting and convenient” to ignore the easy fix.
1
Passwords are one of the most popular ways to log into a website.
But too many Android and iPhone users make a big mistake when it comes to their logins.
Speaking to The Sun, Matthew Hamilton, Senior Security Operations Center Analyst at Adarma, warned against reusing your passwords.
Finally, both Android and iPhone devices have built-in password managers that prevent you from having to log in again.
“While it may seem tempting and convenient, using the same password for multiple accounts poses a significant security risk,” explained Matthew.
“Password reuse puts both individuals and organizations at risk of credential stuffing attacks.”
“In such attacks, hackers use exposed credentials to test them on different websites.
“If a few passwords give access to multiple accounts, attackers can quickly and easily compromise multiple accounts.”
Matthew also warned that if Gadget users have the same passwords for their work accounts, it can become a “critical” situation.
That means you could cause your employer a lot of trouble — and risk being fired if your accounts were hacked.
Fortunately, there is no longer a need to remember long and unique passwords for each and every website or app.
Instead, you can let your device help you.
“A far more secure solution to managing multiple passwords is to implement a password manager,” advises Matthew.
“This powerful tool can generate and suggest alternate passwords for your different accounts, so all you have to do is remember the master password for the password manager yourself.”
Apple offers a free password manager for iPhone called iCloud Keychain.
When you log into websites, it suggests strong and unique passwords – and saves them in case you need to log in again.
Google also offers a free manager for your passwords in its Chrome browser.
This is also a way for Android phone owners to avoid being caught by clever scammers who take advantage of poor password hygiene.
Apple and Google are also both pushing a new breed of sign-in technology called passkeys.
These are now being rolled out on some websites and apps and allow you to sign up for services without even needing a password.
Instead, you verify your identity using a passkey, which is verified using a secure system such as Apple’s Face ID facial scanning technology on iPhone.
More services are expected to support Passkeys in the coming years.