Trouble In Password Paradise

Many people use the same password for all of their accounts. Why? Because it is easy to remember just one password across all accounts.

But is that a good idea? Nope. If that password were to fall into the wrong hands, it potentially could be used more pervasively to the disadvantage of the true password holder.

And this is not a hypothetical concern. Indeed, recent press reports are rife with disclosures of major password hacks/leaks.

As many of you know, LinkedIn has confirmed that many user passwords have been compromised. Some reports indicate that the number of passwords at issue could be as high as 6.5 million.

On top of that, there have been recent reports that as many as 1.5 million passwords of eHarmony users have been compromised.

And if that were not enough for one week,, an Internet radio site, reportedly is investigating leaks of its user passwords.

Certain members of Congress do not view password threats lightly. Senator Patrick Leahy of Vermont and Representative Mary Bono Mack of California have referred to the recent password hacks as a further reason why data security legislation should be passed.

Meanwhile, users of the above-referenced sites would be smart to change their passwords for those sites. And people generally should use different passwords for their various accounts and they should change them periodically.

This may be a hassle, but an ounce of prevention in this context could be worth more far than a pound of later, potential cure.

Eric Sinrod is a partner in the San Francisco office of Duane Morris LLP ( where he focuses on litigation matters of various types, including information technology and intellectual property disputes. His Web site is and he can be reached at To receive a weekly email link to Mr. Sinrod’s columns, please send an email to him with Subscribe in the Subject line. This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author’s law firm or its individual partners.

© 2009- Duane Morris LLP. Duane Morris is a registered service mark of Duane Morris LLP.

The opinions expressed on this blog are those of the author and are not to be construed as legal advice.

Proudly powered by WordPress