
I've often heard people talking about not using the same password on every website. What's the deal if servers store passwords in a SHA hash instead of plain text? The most they can do is spam you with junk mail, right?

schroeder
  • 123,438
  • 55
  • 284
  • 319

4 Answers

2

Passwords may be stored as a hash in the database, but there are so many ways that this simple process can go wrong. And once one of your passwords is known, then all the rest of your accounts are at risk.

Consider the very simple case where you enter the password into the username field. Now your password is exposed in clear text in every server log for that site. And you can't go back.

Consider also a website that made a small change to their login process, but there was an error in their code, and all passwords entered were also written to a plaintext file that the developers forgot to disable (this actually happened to a major site).

Once one password that you've used gets exposed, for whatever reason, then you have to go to all your accounts that used that password and update the password on them all, else you risk that account.

Instead of re-using passwords, use a password manager that can take all the guess-work and memorization out of the equation.

schroeder
  • 123,438
  • 55
  • 284
  • 319
    Exactly this. With password reuse, your password is only as strong *as the weakest link in any site's password-handling methodology.* – Royce Williams Feb 22 '21 at 01:19
  • +1, Exactly. And there are many sites that *still do not* hash passwords. See https://plaintextoffenders.com/. – mti2935 Feb 22 '21 at 01:56
2

Lots of reasons. Some notable ones are:

  • Web server security failure around password handling, such as passwords ending up in log files (happens more than you might think!) or being encrypted (reversible) rather than hashed.
  • Web server security failure that exposes passwords in RAM, such as the Heartbleed vulnerability from years back, the more recent hardware issues such as SPECTRE, or any time an attacker gets code execution within the server (due to buffer overflow or similar).
  • Web server / database security failure (such as SQL injection) that exposes password hashes.
    • Unsalted passwords can easily be looked up in rainbow tables, which can easily contain hundreds of billions of passwords - possibly more than a trillion, if you have enough TB of storage - and their hashes, sorted for instant lookup by hash.
    • Salted passwords can be brute-forced. Modern GPUs can compute tens of billions of hashes per second, enabling extremely fast search.
    • Even passwords hashed with a slow hashing function suitable for passwords (WHICH SHA IS NOT! DO NOT DIRECTLY USE ANY MEMBER OF THE SHA or MD FAMILIES, PLAIN OR EVEN SALTED, FOR PASSWORDS!) can still be brute-forced, it just takes longer. If somebody has your hash but wants your password and is willing to spend the time/effort, though, they can get it.
  • Web application security failure that exposes your password client-side, such as XSS on the login page.
  • Phishing site that tricks you into supplying your password directly to the attacker.
  • Malicious site (or site with a malicious or compromised admin) deliberately captures your passwords as they arrive over the network (doesn't matter if they're also hashed for storage!)
CBHacking
  • 40,303
  • 3
  • 74
  • 98
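The three storage cases in the answer above (unsalted fast hash, salted fast hash, salted slow KDF), and the reuse consequence, worked through in an added Python example. This is not code from the answer or from any real site; the "sites", the user, the candidate password list and the tiny lookup table are constructed for the demo, and scrypt stands in for any proper password KDF (argon2, bcrypt, scrypt).

```python
"""Constructed demo: the weakest site's password handling decides what happens
to a reused password everywhere else. All sites, passwords and the lookup table
below are made up for illustration."""
import hashlib
import os
import time
from typing import Dict, List, Optional, Tuple

# Constructed stand-in for a rainbow / lookup table: unsalted SHA-256 of a few
# common passwords. Real tables hold billions of entries; the principle is the same.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein", "hunter2"]
LOOKUP_TABLE = {hashlib.sha256(p.encode()).hexdigest(): p for p in COMMON_PASSWORDS}

SCRYPT_PARAMS = dict(n=2**14, r=8, p=1)  # ~16 MiB per hash; tune up in production


def store_unsalted_sha256(password: str) -> str:
    """Site A (bad): bare SHA-256. Same password -> same hash for every user."""
    return hashlib.sha256(password.encode()).hexdigest()


def store_salted_sha256(password: str) -> Tuple[bytes, bytes]:
    """Site B (still wrong): per-user salt defeats the table, but hashing stays fast."""
    salt = os.urandom(16)
    return salt, hashlib.sha256(salt + password.encode()).digest()


def store_scrypt(password: str) -> Tuple[bytes, bytes]:
    """Site C (right idea): per-user salt plus a slow, memory-hard KDF."""
    salt = os.urandom(16)
    return salt, hashlib.scrypt(password.encode(), salt=salt, **SCRYPT_PARAMS)


def verify_scrypt(password: str, salt: bytes, digest: bytes) -> bool:
    return hashlib.scrypt(password.encode(), salt=salt, **SCRYPT_PARAMS) == digest


def crack_unsalted(digest_hex: str) -> Optional[str]:
    """Unsalted: one dictionary lookup, no hashing at attack time at all."""
    return LOOKUP_TABLE.get(digest_hex)


def crack_salted(salt: bytes, digest: bytes, candidates: List[str]) -> Optional[str]:
    """Salted fast hash: precomputation is useless, but each guess is one SHA-256."""
    for guess in candidates:
        if hashlib.sha256(salt + guess.encode()).digest() == digest:
            return guess
    return None


def crack_scrypt(salt: bytes, digest: bytes, candidates: List[str]) -> Optional[str]:
    """Slow KDF: same search, but every guess now costs the full scrypt work."""
    for guess in candidates:
        if verify_scrypt(guess, salt, digest):
            return guess
    return None


def seconds_per_guess(candidates: List[str]) -> Tuple[float, float]:
    """Attacker cost per guess on this machine: (fast salted SHA-256, scrypt)."""
    salt = os.urandom(16)
    t0 = time.perf_counter()
    for g in candidates:
        hashlib.sha256(salt + g.encode()).digest()
    fast = (time.perf_counter() - t0) / len(candidates)
    t0 = time.perf_counter()
    for g in candidates:
        hashlib.scrypt(g.encode(), salt=salt, **SCRYPT_PARAMS)
    slow = (time.perf_counter() - t0) / len(candidates)
    return fast, slow


def reuse_attack(password: str) -> Dict[str, object]:
    """The user reuses `password` on sites A and C. Only site A's database leaks.
    Site C's strong storage is irrelevant: the attacker never touches its hash."""
    leaked_a = store_unsalted_sha256(password)
    salt_c, digest_c = store_scrypt(password)
    recovered = crack_unsalted(leaked_a)  # instant for anything in the table
    login_at_c = recovered is not None and verify_scrypt(recovered, salt_c, digest_c)
    return {"recovered_from_a": recovered, "login_at_c": login_at_c}


if __name__ == "__main__":
    print(reuse_attack("password"))
    fast, slow = seconds_per_guess(COMMON_PASSWORDS)
    print(f"SHA-256 {fast*1e6:.1f} us/guess, scrypt {slow*1e3:.1f} ms/guess")
```

The point of `reuse_attack` is the one made in the answer: site C did everything right and was still "breached" from the attacker's point of view, because the credential was recovered from site A and simply replayed. The timing function shows the other half, that a slow KDF buys time per guess but does not make a common password safe.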
1

Because surprisingly many sites don't encrypt their passwords. HaveIBeenPwned currently tracks 507 pwned websites totaling 10,596,924,357 pwned accounts... if you shared a password with one of those sites, then the password is known to attackers.

gowenfawr
  • 71,975
  • 17
  • 161
  • 198
  • I agree that a lot of websites store passwords as plain text. Thank you for answering my question! But, for those who do encrypt their passwords, it is unlikely that the password will be revealed, right? (unless the user has a terrible password which can easily be rainbow tabled) – randomcake Feb 21 '21 at 23:15
  • Even a site with proper backend encryption would leak passwords to a Magecart-style skimmer... it's better to assume any one site can be compromised and not re-use the password. – gowenfawr Feb 22 '21 at 00:34
1

Junk mail has nothing to do with it.

The point is that if your password is broken (brute force, rainbow tables, whatever), the first password to be tried on any of your other accounts is That Password.

user10216038
  • 7,552
  • 2
  • 16
  • 19