Passwords and management of those passwords are a big pain – no two ways around it. One website requires a symbol, another requires 14 characters and your bank requires 10 characters, four PIN numbers and the answer to a secret question. It becomes easy to just use the same three or four passwords for everything – after all, that’s more secure than one password for everything, right?!
Here’s the problem with this strategy. Let’s assume that you have a Gmail account, an Amazon account and some accounts at big-box retail stores. You use the same password on all of the sites, and you use it for the account you set up on the great website you found to order gift cards as client gifts – at 10% less than their value. Then, the gift-card website gets hacked or falls victim to an attack. Not only do the crooks get your credit-card information, they also get the list of all of the website’s users and those users’ passwords. They publish the list freely out on the Internet. (Don’t believe it? Check out https://rehmann.co/projects/10mil/ )