Nearly 22 Million unique passwords and 770 Million email addresses were made public on a popular hacker forum earlier this year. Despite this news, many password users still do not take notice. Continuing to use exposed passwords is putting users at risk of being exploited again.
You wouldn’t hand your car keys to a thief, right? Well, reusing a compromised password may be doing just that. When hackers get access to passwords from data dumps or buy them on the dark web, they have the keys to enter your accounts. Data breaches result in hacked passwords that give access to an account. That access can lead to the theft of other PII (Personally Identifiable Information) like account numbers and credit card information.
If you’re reusing the same compromised passwords for different accounts, you could also become a victim of credential stuffing. Credential stuffing is the automated injection of breached username/password pairs to fraudulently gain user account access. Since this type of hack is on the rise, so are the opportunities a hacker has to steal even more PII. Either way, reusing passwords involved in a hack or breach can be a lose-lose situation.
Your passwords protect your sensitive data, so creating a strong and unique password is a significant priority.
Here’s how to create a strong password that you can remember:
- Create a base password of at least eight characters.
- Then add some characters from the related website to create your password.
- For example, if the base password is “XP2#z%” and your account is at acme.com, your password for that account would become “XP2#z%Ac” adding the first two characters of the website on to the end.
For even more password protection tips, keep reading.
- Change passwords immediately if your account was exposed in a data breach.
- Use strong and unique passwords for each account and change them regularly.
- Include letters, numbers, and special characters.
- Use two-factor (2FA) or multi-factor authentication (MFA) when available, as they provide additional layers of security when logging in.
- Keep passwords to yourself, and never share them.
- Be aware of others watching when you type a password.
- Always log out, and close the browser window when done.
- Check password strength if a website offers a strength analyzer when creating an account.
- Avoid using passwords with unsecured Wi-Fi as they can be intercepted and stolen.
Always take precautions when creating and using passwords. Don't make it easy for hackers to snag your information.