My password keeps me safe. (Not necessarily!)
If you have ever used the same password or few passwords on more than one website, then your accounts may be compromised due to data leaks. Once a hacker gets your login information from a single site, they can try it on other sites. Many hackers use automated tools to cycle through leaked password lists, trying them on many popular websites.
You may have heard of a few of the high profile data leaks in the past few years, such as:
LinkedIn
Adobe
Dropbox
Tumblr
SnapChat
Neopets
Minecraft
Get this, there have been over 200 major websites that have had their data leaked over the past few years, enabling your passwords to be used by hackers.
In 2013, Microsoft security research Troy Hunt built the site Have I Been Pwned? that allows you to check if your password has ever been leaked. (Fun fact: "Pwned," derived from owned, is video game slang for when someone is utterly defeated!) I have used Troy's site several times, just because I own a tech company doesn't mean I don't make mistakes.
How can you stay safe in a world of data leaks?
Use a different password on each website.
Use a password manager like LastPass that generates secure passwords and stores them for you safely.
Use two-factor authentication (2FA) wherever possible. You can check if major sites have 2FA available at https://twofactorauth.org/, there are many companies that offer this form of authentication such as Facebook, and Quickbooks. PLEASE! Don't ever use the word PASSWORD as your password, that is the quickest way to get your accounts hacked.
Comments