Carnegie Mellon University

Frustrated woman trying to remember password.

February 15, 2021

How Secure Are Your Passwords?

How secure are your passwords? If you’re like most of our campus community, you’ll take time to consider and nod your head. Sure, your passwords are secure. You use a password manager. You have a complex password that follows recommendations. You don’t give your password out to anyone.

What most of us don’t consider is how often we reuse our passwords. With practically every website requiring a login these days, it’s impossible to memorize every password. So we have to reuse, don’t we? Unfortunately, that’s an assumption that hackers are counting on us making. 

Cyberattacks on companies around the world have released tens of millions of passwords into the Dark Web. Knowing how often people recycle login credentials, attackers weaponize those passwords.


What most of us don’t consider is how often we reuse our passwords.


But you can minimize the risk. Take these steps today and you’ll decrease the chance of an attack tomorrow.

  1. Verify Your Personal Email Address. If you get locked out of your Andrew account, your personal email is the fastest path to reinstating your access.
  2. Change Your Andrew Password. Choose a password that’s both secure and unique to your Andrew account. Just be aware that other applications, such as desktop email, may prompt you to log in with your new credentials the next time you visit them.
  3. Register for Two-Factor Authentication (2fa). All students, faculty and staff are required to enroll in 2fa. This tool allows you to use your mobile phone or tablet to confirm your identity when logging in with your Andrew credentials.
  4. Use a Password Manager. Apps such as LastPass are simple to set up and often have browser add-ons available for ease of use.

Knowing how often people recycle login credentials, attackers weaponize those passwords.


Don’t sacrifice a secure password in exchange for one that’s easy to memorize. Five minutes is all it takes to ensure your information stays out of the wrong hands.