Never Email a Password

Posted in Good Advice, Good Practices, IT Tips

Password protection best practice is that you never email passwords as it is not secure.

Do not ever risk a security breach as it could cost you your livelihood.

Generally emails are sent in unencrypted plain text so can be easily visible.

An email when sent on its journey is often stored in many servers any of which can be hacked.

An email is usually stored locally on a computer in plain text (even if deleted) which can be hacked

Remember that if the password for your email account is compromised, hackers, simply by requesting password resets, can get access to all your passwords that are emailed back to you.

You can safely send passwords by:

Communicating passwords verbally

Sending passwords through SMS or text message

Using a “one-time password” and then setup a new and strong password using lower/upper case letters, symbols and numbers

Using a password manager to share passwords

Using encryption to add a cipher to emails.

If you receive an email with a password change it immediately after login or call the sender to reset the password and give it to you over the phone.

You have been warned!

Leave a Reply