We've all done it. You need to share a password with a colleague, so you quickly type it into an email and hit send. It seems harmless enough, but this common practice is actually a significant security risk.
5 Reasons Email is Dangerous for Passwords
1. Emails Live Forever
That password you sent 3 years ago? It's probably still sitting in someone's inbox, their sent folder, and backed up on multiple servers. Emails are designed to be permanent records.
2. Emails Can Be Forwarded
You have no control over what happens after you hit send. Your recipient could forward that email to someone else, or their account could be shared with IT administrators.
3. Email Servers Are Targets
Email servers are prime targets for hackers. If an attacker gains access to an email server, they can search through years of messages looking for credentials.
4. Most Email Isn't Encrypted
While some email providers offer encryption, emails in transit and at rest are often stored in plain text or with encryption keys controlled by the email provider.
5. Search Makes Finding Passwords Easy
Anyone with access to the inbox can simply search for "password" and find every credential ever sent. This makes compromised accounts especially dangerous.
The Better Alternative
Instead of emailing passwords directly, use a service like PassLink to create a one-time, self-destructing link. The password is encrypted, viewed once, and then permanently deleted.