Come Join the Discussion
Add your comments to any of these postings or comments
Tuesday, February 05, 2019
Treasure Trove of Credentials Exposed
There are 773 million email addresses and 21 million passwords in a list circulating in the hacker community that is a compilation of many smaller lists taken from past breaches and has been in wide circulation. Some lists date back to 2015. Despite its recycling of previously breached credentials, the widely available list no doubt makes it easier than ever for even unskilled hackers to capitalize on the bevy of breaches that have occurred over the past decade.
My personal advice for your accounts:
1) It’s important to change your passwords regularly, and to use different passwords for each service/site you frequent. That is almost impossible to manage. But, you can sign-up for a password manager (more on that below)
2) Enable two factor authentication for your password vault
3) Set a reminder each day to change AT LEAST ONE of your passwords to a string of 20+ random characters
4) Start enabling two factor authentication on sites that support it (email, online banking, social media) If you do this, you'll negate the black market value of credential dumps like this one.
Use a Password Manager; many have free versions.
https://www.cnet.com/news/the-best-password-managers-directory/
Want to check if your email account was discovered in any data breaches? Go to HIBP (Have I Been Pwned): https://haveibeenpwned.com/
Want to check if your passwords have been previously exposed in data breaches? Pwned Passwords has 551,509,767 real world passwords.
If your password shows up, change it IMMEDIATELY.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment