A reminder to check your inactive account passwords

I stopped using instagram a while ago, but one thing I did was keep my account around so that there would be a less likely chance that someone could impersonate me with a new account.

One thing I noticed, the longer I’ve had my account inactive, the more emails I get from Meta about attempted password recovery, attempted logins or general signs of someone trying to crack my account. I was chatting to a friend about this, and he made a good point: inactive but real accounts have a higher risk of compromise.

An inactive user is probably not checking their account at all and maybe doesn't even remember their own password – which for most people, probably is a shared password.

I can state the obvious – shared passwords are bad, but it's common, and even if it's a great password, an unrelated service could get hacked or leaked and suddenly a hacker could reuse those credentials to stuff your inactive account. (heck - if instagram itself gets hacked, even your unique password can get compromised, though most services would force a password reset)

If you do plan on keeping your inactive accounts around, make sure they have unique passwords -- or if it's not a vector for impersonation, just delete it, save yourself from more unnecessary ads 🐮