What Is Password Sharing & When Should I Use It
Sharing passwords is a common and often unavoidable practice that can make you vulnerable to hacking and data breaches. Let’s discuss what password sharing is and how it can be done safely.
What is password sharing?
Password sharing occurs when you give your login information to friends, family, coworkers, or others so they can use your accounts or applications on their own devices, even when you are not there. A recent survey showed that 79% of Americans share their passwords. Passwords can be shared in a variety of ways, including:
- Phone calls and paper notes: WiFi passwords or streaming service credentials are often shared informally over the phone, on sticky notes, or on scraps of paper that are inherently not secure and can easily be misplaced. Equally problematic are passwords for workplace applications taped to laptops and monitors. Sharing passwords over the phone isn’t ideal because sometimes it can be hard to communicate the correct password, especially if it’s complex and random like a strong password should be (nobody wants to pronounce “#o4&$fJ@Ef” over the phone). Sharing passwords over the phone in public also isn’t safe, as you never really know who’s listening.
- Electronic password sharing: Password sharing at work is complicated by remote working practices. More passwords are shared through unsecured channels such as email, Slack, or text messages, which could be exposed during a data breach. While many companies establish policies to manage passwords across the business and discourage insecurely shared passwords, these electronic methods are commonly used to share passwords for both business and personal accounts.
- Encrypted password sharing: Luckily, there are now safer, more private shared account password management methods available. Password managers like Dashlane use a secure vault for password storage and also include an encrypted portal for password sharing. This allows users to transfer password information securely without sacrificing privacy or increasing vulnerability.
What accounts are most commonly shared?
The most commonly shared password types should be easy to guess since many of us have shared these ourselves. It’s critical to remember that any of these passwords, no matter how inconsequential they seem, present unique risks if they are ever lost or stolen.
Passwords commonly shared at home:
- Subscription accounts: Passwords for online retail and subscription accounts like Amazon or Netflix are commonly shared with friends and family members. These accounts also contain financial information like credit card and bank account numbers, so it’s important to keep careful track of who you share them with and change passwords if you suspect a data breach or find your information on the dark web.
- Financial accounts: Bank and credit card passwords are often shared with spouses or partners, especially for joint accounts. These passwords should always be complex, unique, and stored securely. Many financial institutions have implemented 2-factor authentication (2FA) to verify authorized user identity and minimum character counts to increase password security.
- WiFi access passwords: Sharing WiFi passwords with housemates and guests is often unavoidable, but this presents security risks if the logins are not shared safely. If someone gains access to your home WiFi network without your knowledge, any misuse of internet services can be blamed on you, or malware could be spread amongst your devices. Guest networks and one-time passwords are among the available options for boosting WiFi password protection. If you’re using WiFi that was shared with you, be sure to use a VPN to further protect yourself from vulnerabilites.
- Email accounts: Much like subscription and retail accounts, email passwords are often shared with partners for convenience. Lost or stolen email passwords allow your contact lists and personal information to be compromised. Since email can also be used as 2FA for other accounts, compromised email credentials can expose the accounts of both partners to hacking and data theft.
Check to see if your business email has ever been breached. Run a scan on businessbreachreport.com.
Passwords commonly shared at work:
- Social media accounts: Unlike personal Facebook, Twitter, and Instagram accounts, social media accounts for businesses are often accessible to multiple employees so that posts can be added more conveniently. These social media accounts are essential to company reputation and branding, so password access and sharing should be monitored and controlled according to the employee password sharing policy, especially when workers join or leave the company.
- Company credit cards: When employees share a credit card, they also share online account access. Many companies assume that issuing fewer company cards and allowing users to share them is the preferred strategy, but this convenience can come at the expense of security if companies are unsure of who is using the card or fraudulent transactions are suspected.
- Shared utilities and tools: Application sharing is a common company strategy used to reduce seat licensing fees, so many workers assume it is harmless to share their online tools and utilities. Cloud-based applications are moving away from these per-seat licensing models. Unique logins for each employee improve security and compliance by allowing companies to monitor who has been granted application access and who is working on or changing company systems at any given time.
- Company email: Much like is the case with personal email, shared passwords for work email accounts can expose the data and confidential information of multiple users in the event of a data breach. Shared email accounts also create privacy and confidentiality concerns when company emails can be read or sent by someone other than the account holder.
The dangers of password sharing
Password sharing without taking proper precautions can expose you to the following dangers:
- Cybercrime and scams: Cybercrime tactics include phishing emails intended to lure unsuspecting individuals into clicking on unsafe links or providing personal information, and brute force attacks in which cybercriminals randomly enter password and username combinations until a match is found. Scamming tactics like fake websites get targets to provide account information or passwords voluntarily.
More than 53 million individuals were affected by data compromises in the first half of 2022 alone. If an individual you have shared a password with at home or at work is impacted by cybercrime, your identity and information become vulnerable as well.
- Turnover: With more workers changing jobs frequently, employers are taking precautions to prevent data theft when employees turn in their devices and network access is terminated. Shared account passwords can complicate the offboarding process since, without the right tools, employers and IT teams won’t know for sure who had access to what. This can lead to unnecessary password resets or compromised company data.
Learn how the CEO and Founder at RevGenius discovered a clear and fast onboarding and offboarding process and reduced turnover with Dashlane. Read the case study.
- Tracking: Shared passwords make it harder to know who purchased, ordered, changed, or canceled online goods and services. This applies to organizations and individuals alike---accountability is important for even the most trusted employee or family member. The same danger applies at home, even for passwords shared with trusted family and friends.
How to share passwords securely in the workplace
Since password sharing is unavoidable in many circumstances, it’s a good idea to review how to share passwords more securely by using some of the available tools and best practices:
- Secure password policies: In the workplace, a secure password policy can be used to set norms and expectations for things like password strength, reuse, storage, and sharing. Employee education and training on the policy and user-friendly password management tools help to close the loop and build a sustainable security culture with improved adoption and compliance.
- Careful access management policies: Access management policies control system access for each user, which reduces shared password risks. The principle of least privilege (PoLP) works by limiting employee access to only the minimum applications and resources they need to complete their work. Just-in-time policies set predetermined access time limits so that shared passwords or retained passwords will not work indefinitely and the risks from lost or stolen passwords are minimized.
How to share passwords securely with friends or family
Dashlane’s password manager includes a secure password sharing portal that allows you to transfer credentials to friends or family members securely without increasing your vulnerability. The password sharing feature can also be used to share secure notes or passwords with other Dashlane users, even if they are not part of your family plan. Since the information is encrypted and passwords are safely autofilled, there’s no need to use online communication platforms or paper notes.
Even if you securely share your passwords with others, 2-factor authentication (2FA) is a smart way to protect your accounts. 2FA uses a second credential, like a code sent through an app or text, to confirm user identity. 2FA makes a password essentially useless without the correct device and/or app to retrieve the code. Those you have shared passwords with need to be in direct contact with you to complete this extra authentication step, which greatly reduces the cybersecurity impact of shared, lost, or stolen credentials.
What Dashlane does to secure password sharing
Dashlane makes password sharing and other types of secure data sharing faster and safer. The sharing center syncs quickly and reliably between devices so that password-sharing requests are sent and received instantly. Dashlane’s password management solutions make it easy to create strong, random, and unpredictable passwords while providing standard features like 2FA, Password Health scores, and 256-bit AES encryption that encourage and support secure password sharing.
Passwords are often the only protective layer standing between a malicious actor and your data, which makes safe password sharing critical. Learn more about password hygiene and the latest best practices in Password Management 101.
- The Zebra, “79% of Americans Share Passwords, But Only 13% Are Worried About Identity Theft,” January 2023.
- Dashlane, “5 Things to Know Before Sharing Passwords With Your Partner,” February 2021.
- Dashlane, “How Strong Is Your Password & Should You Change It?” August 2022.
- Dashlane, “How To Maintain Security When Employees Work Remotely,” October 2022.
- Dashlane, “How to Manage Passwords at a Business Level,” September 2022.
- Dashlane, “Best Way to Store Passwords at Home or Work,” September 2022.
- IT Governance, “95% of people share up to six passwords with others,” March 2016.
- Dashlane, “Is Netflix Really Cracking Down on Password Sharing? Plus, the Dos and Don’ts of Sharing Any Password,” April 2021.
- Dashlane, “Always Change Your Passwords After a Breach,” March 2020.
- Dashlane, “What the Hack is 2FA?” February, 2020.
- Malwarebytes, “How to share your Wi-Fi password safely,” January 2022.
- TechTarget, “One-time password (OTP),” 2022.
- Dashlane, “Creating a Password Policy Your Employees Will Actually Follow,” July 2022.
- Ramp, “Sharing corporate cards? Why it’s dangerous to sacrifice security for convenience,” January 2022.
- Dashlane, “What the Hack is a Brute Force Attack?” February 2020.
- Statista, “Annual number of data compromises and individuals impacted in the United States from 2005 to first half 2022,” 2022.
- Dashlane, “You Asked, A Hacker Answered: 7 Questions With Rachel Tobac,” October 2021.
- Dashlane, “Sharing Passwords Through Slack Is Risky,” November 2019.
- Palo Alto Networks, “What Is the Principle of Least Privilege?” 2022.
- Dashlane, “Share your saved items in Dashlane,” 2022.
- Dashlane, “New to the Web App: A Redesigned Sharing Center,” June 2021.
- TechTarget, “Advanced Encryption Standard (AES),” 2022.
- Business Insider, “How to share passwords with family using the Dashlane password manager, and give up to six people access to your logins,” July 2020.
- Dashlane, “Password Management 101,” 2022.
Thanks! You're subscribed. Be on the lookout for updates straight to your inbox.