Is it ok to use a weak password as long as I have two-factor authentication?

1127975 pts.
Tags:
Authentication
Password
When it comes to passwords, I'm pretty strong. I never reuse passwords across sites and I try to use two-factor authentication when it's available. But I do realize that typing all those passwords is a problem. A good friend of mine asked me why I don't use a weak password when two-factor authentication is already enabled. Would it be safe to just weaken my password for my own convenience? Or am I missing something here?
1

Answer Wiki

Thanks. We'll let you know when a new response is added.

Using a weak password is never a good idea.  It is getting much easier to hack passwords these days.  There are some sites out there than when you set up your account, say to a major company or a bank, that if the password is not strong enough, they will prohibit you from creating the account.  So, best practice, uppercase, lowercase, numbers, special characters, and a minimum of 15 characters.

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Kevin Beaver
    I've always found that a layered security approach is the best. When one mechanism fails, the other one(s) can kick in. Using strong passwords is a mindset and a way of working securely. If you end up getting out of the habit of using strong passwords (ideally passphrases) then you will inevitably set a weak password on a critical system/application that has no other protective mechanisms. Thus, the continuing cycle of data breaches...
    27,460 pointsBadges:
    report
  • Ken Harthun
    NO, NO, NO, NO, NO! NEVER use weak passwords for anything critical. One would assume that if 2FA is being used, the information is critical or sensitive. Sure, remembering a lot of strong passwords is a pain, but that's what password managers like LastPass, KeePass, RoboForm, etc. are for: One strong password for them all. And most of the better ones (I'm partial to LastPass) also support 2FA for access to the vault. ALWAYS choose strong passwords.
    2,300 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: