This is an age old problem, even before websites and online security. Passwords getting hacked has always been an issue. In this post I want to share how to check for password breach.
I've been a network consultant for over twenty years, a network administrator for over thirty. It seems no matter what if there is a password, or a lock involved someone has the urge to figure out a way to pick it to gain entry to what's in side.
While Online security is always improving so is the technology to hack it. Sadly, many companies do not follow through and test their systems to make sure they are up to date. This is also true with website owners. many times they do not update their software on their computer and their data is breached giving access to their online assets. Or, their website systems have not been updated and their information is accessed.
When your email has been compromised it is referred to as a pwned email or a pwned password. What does it mean to be pwned? Well the definition of "pwned" originates from online gaming. It means you've been utterly defeated, or completely gotten the better of.
The worst part is that once this online information is discovered, the hacker community will share the data or post the database of passwords to share to gain needed information.
What Can You Do About Password Breach?
What can you do once you've been pwned? Getting back on track can be pretty easy. First you need to check if you're accounts have been breached. First make a list of the email addresses you usually use to access different online accounts. If you're like me you probably have a personal one and a business one. Maybe a few that you use to use but no longer use.
The next step is visit a site called have I been pwned. https://haveibeenpwned.com/ and check each email address to see if you get any results back. If so visit each site an update your password. The list shows a date of the reported breach so it's possible you've already updated the password on that site.
If you found that the email address that you've used with any of those sites has been compromised. I would highly suggest you never use that password again. As I mentioned earlier, it will now be in a leaked password database that will be downloaded by many hackers and could be used to access other sites that they find your email address associated with.
Next step is create a more secure password. In a recent post I've explained some methods on generating a more secure password. You can read that here. I've set this link to open in a new tab so that you can continue on with this post.
Another security step you may want to consider is adding two-step verification. You can read about that in this post I've recently created.
Lastly, I if you're using a password manager, many of those now come with a search tool to see what accounts have used that password. You would be ahead of the game if you updated those websites as well.
If you've found this post useful, click one of the share buttons. Thanks!