As if the recent ransomware scares and cleverly disguised phishing scams weren’t enough to keep you up at night, password breaches continue to make news.
Although “online safety” feels more and more like an oxymoron these days, there are still steps you can take to protect yourself when breaches like this occur. It all starts with getting rid of those overly used, poorly designed passwords you know are terrible but you use anyway.
The most secure password in the world is useless if a hacker steals it, but the real problem comes if it is the same password you use for every single log-in.
In other words, it’s essential that you employ a different password everywhere you conduct online affairs.
The well-known data breach repository “Have I Been Pwned”, has recently released a database of over 306 million passwords contained in multiple data breaches.
Previously I used the “Have I Been Pwned” website, by entering my work email address to check if one of my accounts had been compromised by hackers in a data breach.
I was shocked to find out that two of my online accounts, one with Adobe and another with vBulletin, had been compromised by a data breach. My username, passwords and other personal information had been obtained and made publically available by hacker groups.
Last week, the process for checking the safety of your passwords was given a helping hand by the creator of the Have I Been Pwned site:
A dedicated Passwords page has been added to the website, allowing users to check a password against a database of 306 million passwords.
The passwords contained in the list were compromised in various data breaches, making them accessible to hackers and other attackers.
While you may be tempted to enter your current passwords into the Have I Been Pwned website, you should never enter current active passwords into any third-party service.
The Passwords page allows you to compare potential new passwords against the database of compromised keys to determine their security. I found it very useful, giving me the peace-of-mind that my current method of creating passwords was relatively safe – for now!