Buzz
Privacy infringement and recent password leaks have become hot topics on the Internet. LinkedIn, Yahoo, ... - the list of breached websites goes on and on. And, there are numerous tools available to check if your password has been compromised. You can also protect yourself by using unique passwords for each account.
Tips to Check If Your Password Has Been Compromised
Threats of Password Exposure
Leaked passwords can lead to unforeseen dangers, especially when individuals use the same password for multiple accounts. If you register an account on a website using your email and the same password as your email, this email-password pair will be stored in some leaked email-password list.
Hackers can then use this information to infiltrate your email account. Even if you use a different password for email, they can still utilize the email-password pair to access your other accounts.
For instance, recent hackers breached over 11,000 Guild Wars 2 accounts. They didn't use a keylogger or breach the game's servers. They simply attempted to log in using email addresses and passwords collected from a leaked password list. When players reuse leaked passwords, their accounts get compromised. Similar scenarios can occur on other websites.
Protecting Your Passwords
To safeguard passwords from potential leaks, ensure that you use a different password for each website - and these passwords must be both lengthy and robust. Otherwise, hacking one account can lead to easy infiltration of others. Although websites send notifications whenever a password is compromised and prompt immediate changes, it's meaningless if you use the same password for multiple accounts.
However, remembering all passwords for various accounts is challenging, and this is where you need to utilize password managers like LastPass or KeePass.
How to Check If Your Password Has Been Compromised
Using the PwnedList tool is one of the best ways today to check if your password has been compromised. LastPass now utilizes PwnedList to manage whether their service registration email addresses have been leaked or not. For example, if your LastPass account registration email is [email protected], you'll receive notifications whenever [email protected] appears in any leaked email-password list. However, this feature applies only to a single email address you use to register LastPass.
If you prefer to manually check, you can visit the PwnedList website. Simply input your email address, and PwnedList will inform you if it appears in any leaked lists. If your email address does appear somewhere, don't worry too much; it simply means you shouldn't continue using one password for multiple accounts and should change it immediately.
LastPass also offers various tools to help you determine if a certain password is strong enough. You can input a password to see if anyone is using it. The result will indicate the security level of the password you intend to use. For example, when inputting 'password123', you'll notice that at least one person is using it as their LinkedIn password.
Email accounts are the most critical aspect of online privacy; many websites only allow password changes by clicking on a confirmation link sent to the email. If someone gains access to your email account, other accounts are undoubtedly at risk. Therefore, it's crucial to regularly change your email account password using complex characters. If using Gmail, refer to how to change Gmail password here.
