No, we’re not talking about the undead. Although it’s 2021, so hey, anything is in the realm of possibility.

We’re talking about zombie accounts.

You know, from that time you really wanted to buy something from an obscure website so you set up an account, and then never used it again and promptly forgot about it.

And it may or may not have had the same password you continue to use for all your accounts now. The worst part is, many of those accounts may be connected to your credit card information or other sensitive details.

Too many accounts to count

More and more apps and websites pressure users to create accounts with them, and as time goes by, these accumulate, leaving the user with a stack of accounts that they may not use, want, or need long-term. According to Digital Guardian, 70 percent of consumers have more than 10 password-protected accounts, and 30 percent of consumers have “too many to count.”

Keeper Security relates:

Over time, the typical consumer stops using and forgets about many of those accounts. Known as “zombie accounts,” these long-forgotten logins may include free trials that you never followed up on; social media networks, blog platforms, games, and message forums that you lost interest in; stores that you no longer shop at; and apps that you used only once or twice.

Where’s the risk?

If a consumer uses the same passwords across a variety of accounts, and a security breach happens to one of those providers, that could compromise the consumer’s current accounts. Cybersecurity writer Brooke Crothers at Forbes explains:

Here’s the problem. If you resuse [sic] passwords — or have in the past — across multiple accounts and there’s a data breach (think: Equifax), then hackers can use a password exposed in one of those old Zombie accounts to break into your active accounts.

What can you do?

Here’s what Brooke Crothers recommends:

  • Find all of your old accounts (easier said than done!)
  • Close any accounts which you do not use anymore
  • Use unique passwords for every account; do not reuse old passwords
  • Update your passwords frequently
  • Use a password manager to keep track of multiple passwords
  • Set up multi-factor authentication for your accounts when possible
  • Adhere to best-practices when creating passwords. (Here’s an example of what not to do.)