Shared Account Check

TL;DR

This guide helps you find out if anyone is using shared passwords for important accounts (like banking or email). We’ll cover checking password managers, looking at browser saves, and scanning your computer. It’s about finding weak spots where multiple people might know the same login details.

Finding Shared Accounts

1. Check Password Managers: This is the easiest place to start.
   • If you use a password manager (like LastPass, 1Password, Bitwarden), look for entries with the same password used across multiple accounts.
   • Most managers let you search or sort by password. Look for duplicates.
   • Some have built-in reports showing reused passwords – check your manager’s documentation.
2. Browser Saved Passwords: Browsers store logins too.
   • Chrome: Go to chrome://settings/passwords. Look for identical passwords listed under different websites.
   • Firefox: Type about:logins in the address bar. Sort by password and check for duplicates.
   • Edge: Go to edge://settings/passwords. Similar to Chrome, look for repeated passwords.
3. Scan Your Computer for Text Files: People sometimes write passwords down (bad idea!).
   • Use a simple text search tool (like Windows Search or macOS Finder’s search).
   • Search for common file names like “passwords.txt”, “logins.txt”, or even just “password”. Be careful opening any files you find – they could be old and misleading, but also potentially contain sensitive info.
4. Check System Login History (Advanced): This can show if multiple users are logging into the same account.
   • Windows: Open Event Viewer (search for it in the Start Menu). Go to Windows Logs > Security. Filter by Event ID 4624 (successful login) and look for repeated usernames accessing the same service/account. This requires some understanding of Windows logs.
   • macOS: Open Console (Applications > Utilities). Search for “login” or the username of the account you’re investigating. Again, this is more technical.
5. Review Account Security Settings: For critical accounts like banking or email:
   • Check ‘Recent Activity’ logs within the account itself. Look for logins from unusual locations or devices.
   • Enable two-factor authentication (2FA) wherever possible. This makes it much harder for someone to access an account even if they have the password.

What To Do If You Find Shared Passwords

1. Change the Password Immediately: Use a strong, unique password that no one else knows.
2. Inform Affected Parties: Let anyone who shared the password know it needs to be changed.
3. Enable Two-Factor Authentication (2FA): This adds an extra layer of security.
4. Educate Users: Explain why sharing passwords is a bad idea – it compromises cyber security and puts everyone at risk.