Is It Safe to Text a Password?

No, it is not safe to text a password because text messages are not encrypted. This means anyone can intercept the data being sent through texts, including passwords, placing your accounts at risk of becoming compromised. 

Continue reading to learn more about password-sharing practices to avoid and how you can share passwords safely with friends, family and colleagues. 

The Risk of Sending Passwords Through Text

There are two major risks when you choose to send passwords through texts: SIM swapping and Man-in-the-Middle (MITM) attacks. 

SIM Swapping

SIM swapping occurs when a cybercriminal impersonates someone and contacts their mobile carrier to convince them to activate a new SIM card. These cybercriminals will claim that they’ve lost, damaged or had their phone stolen. If a cybercriminal can convince your mobile carrier to activate a new SIM card, they’ll claim that they already have a phone with a SIM card they can use and all the mobile carrier needs to do is activate it for them. Once this SIM card is activated, the cybercriminal will be able to receive all of your text messages and phone calls.

This is where sending passwords through text becomes dangerous. If you send a text to someone who has had their SIM card swapped, you’ll actually be texting your password to a cybercriminal without realizing it.

Man-in-the-middle attacks

Man-in-the-middle is a type of cyber attack where cybercriminals intercept the data sent between two people. The main goal of a MITM attack is to steal, eavesdrop or modify the data that’s being sent so the cybercriminal can use it for their own malicious purposes. MITM attacks are more likely to happen when connected to public WiFi networks since anyone can connect to them. The best way to keep your data safe from MITM attacks, like your passwords, is to avoid sending them through unencrypted means like text messages. 

Other Password-Sharing Methods To Avoid

Sending passwords through texts isn’t the only method of password sharing you should avoid, here are a few others.

• Sending passwords through messaging apps: Messaging apps are not encrypted. Additionally, if someone can hack your messaging app account, they’ll able to see the passwords you share through them.
• Sending passwords through email: Emails are not end-to-end encrypted, meaning hackers can intercept them. Someone can also hack your email account and view anything you’ve sent or received. 
• Sharing spreadsheets or documents containing passwords: Some individuals use spreadsheets and documents to store their passwords and then share them with whom they want to. Spreadsheets and documents are not encrypted, so hackers can intercept them. 
• Writing passwords down on paper: Usernames and passwords written down on paper can get lost or stolen. Anyone who finds passwords written down on paper will be able to gain access to the account it’s for. 
• Verbally sharing passwords in public places: You never know the intent of the people around you in public places. Someone could just be waiting to hear sensitive information, like the logins to your accounts, so they can use it themselves to gain access to them. 

How To Send Passwords Safely

Sending passwords is a common practice among friends, family members and colleagues. But oftentimes people choose to share their passwords insecurely, like through text messages. The best way to securely send passwords is by using a password manager.

A password manager is a tool that enables users to securely store, manage, autofill and share their passwords and passkeys. Password managers like Keeper® use zero-knowledge encryption to ensure passwords always remain secure, even when they’re being shared. By using a password manager to share passwords with other people, users are given full control over their credentials. Before sharing a password, users can set permissions such as whether they want the recipient to be able to only view the record they’re sharing that contains their username and password, edit, share or edit and share the record. Once users have already shared a record, they can also revoke access to it at any time – giving them full control over their login credentials. 

If the recipient of the record only needed access to an account for a short period of time, password managers can aid users in changing their passwords to ensure the recipient is logged out of their account and can no longer access it. Keeper Password Manager enables users to securely share passwords with other Keeper users using vault-to-vault sharing and with people who don’t have Keeper accounts using Keeper’s One-Time Share feature. 

Don’t Let a Text Message Place Your Account At Risk

With only your password, cybercriminals and other unauthorized individuals can gain access to your online accounts. Once someone does gain unauthorized access to one of your accounts they can lock you out of it by changing your password, then proceed to steal your sensitive information, steal money and even go as far as to steal your identity.

Just like any other of your sensitive information, your passwords should be kept secure at all times to prevent someone from maliciously using them. Password managers like Keeper help you do just that.

See for yourself how Keeper Password Manager enables secure password sharing by starting a free 30-day trial.