Password security tips: When and how to share them safely with loved ones

Your passwords are one kind of secret you probably need to keep, even from trusted loved ones.

We're conditioned almost constantly to protect our passwords. Don't write them down. Don't store them in a Word doc on your desktop. Don't share your password over the phone or by email. Don't ever give your password to anyone under any circumstances. The gray area comes with whether to share your password with significant others.

Intel Security commissioned a survey of 2,507 adults aged 18-54, who are online and use Internet-connected devices in North America (US), Asia Pacific (Australia, Singapore), and Latin America (Brazil, Mexico). The results illustrate the varying opinions on just how much you should share with your spouse.

In the United States, 32 percent of the survey respondents said they know their significant other's bank or credit card password(s). The Intel Security report doesn't indicate whether that password knowledge was shared voluntarily by the other person, or known through other means.

The flip-side to this finding is that two-thirds of US adults apparently do not know the bank or credit card passwords for their significant other. That shows serious dedication to the idea of keeping passwords secret.

The survey also discovered, however, that other passwords are shared more readily. More than half (55 percent) of those surveyed in the United States, for instance, know their partner's Facebook password (and vice versa). Just under half (46 percent) indicated they know their significant other's email or PC password, and 45 percent reported knowing the other's cell phone password.

The Intel Security survey also explored how couples communicate, and whether sensitive content is deleted once sent or viewed. Despite prominent scandals around nude selfies and the like, 28 percent of U.S. respondents surveyed did not delete personal data after sharing it with someone else.

Any time you share a password or anything else online, you increase the risk that it might be exposed or compromised. Michelle Dennedy of Intel Security offered some tips to help you protect your device and personal information:

" Share with caution: Dennedy stresses that you should not share passwords with anyone--including a spouse or partner. If there is an actual need to share a password, she suggests creating a unique code just for that account and monitoring activity closely. Be prepared to change the code immediately if it appears to be compromised.

" Use a PIN to unlock your phone: Your smartphone or tablet contains all kinds of personal and sensitive information. Protect your mobile device with a PIN or passcode of some sort. Don't choose a PIN that's an easily guessed pattern or something easy to find out like your birth date. (Bonus tips: 9 other ways to lock down your phone.)

" Delete, delete, delete: What you do with your nude selfies or other highly personal content is up to you--but keeping it, or sharing it with anyone, carries risk of embarrassing exposure. Dennedy advises, "If you send personal or intimate messages, make sure to delete the content from your device and in the cloud as soon as possible. It can save you damage control for your reputation later on, both online and offline."

" The Internet never forgets: There are two rules of communicating on the Internet: Be careful what you say in a public forum, and it's all a public forum. Some sites and services are more secure than others, and you generally have some degree of control over who can view your posts. But all it takes is a screen capture to take a post away from your control. Dennedy cautions that you should be mindful of what you put out there.

Dennedy's advice is solid, but it closes off the ability of one significant other to step in if the other dies or becomes unable to manage online accounts. You have to find the balance between being vigilant about protecting your passwords and securing your online identity, and being honest and sharing with the most important people in your life.

One possible solution would be to use some sort of escrow service like Planned Departure. You can keep your passwords and information private while you're alive, but let a trusted third party store them and provide them to your loved ones in the event of your death.

Join the CSO newsletter!

Error: Please check your email address.

Tags iscoidentity theftIntel securitysecuritypasswordsIdentity fraud / theftintelprivacyFacebook

More about FacebookIntel

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tony Bradley

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts