The Threat of Pwned Passwords: Yes, You’ve Been Affected.
If you’re wondering what pwned passwords have to do with you, let’s start by discussing data breaches.
We keep hearing about data breaches; ever wonder if you have been a victim, too? Unfortunately, most of us have!
Explanation of the Term “Pwned”
The term “pwned” originates from player-to-player messaging in online computer gaming culture. It derives from “you have been owned,” which a player uses upon defeating the other.
It is a typo due to the closeness of the alphabets “P” and “O” on a keyboard. However, today it is commonly used slang for “owned.”
In gaming, “pwned” refers to beating the player badly. In cybersecurity, “pwned” indicates that someone has compromised the server and can access personal information. Either way, it isn’t a good thing.
Data breaches—including those on large, important sites—are becoming common. Some of the most significant 21st Century data spills involve Adobe, Bose, CaptureRX, CAM4, Facebook, GEICO, LinkedIn, ecite, DropBox, Pixlr, Verizon, and Yahoo. Pwned passwords are continuously putting individuals and businesses at risk. These are the epicenter of cybersecurity storms.
Cybercriminals access compromised credentials through the dark web and utilize this data to infiltrate online accounts. The problem intensifies with poor security hygiene. What’s important is understanding that your information may be compromised, and you must take suitable actions to rectify the consequences.
Understanding Pwned Passwords
In the ever-changing digital landscape, passwords are the only constant. These remain the primary authentication modes for accessing different sites or systems, including online banking.
The 2019 Disney+ data breach shows the devastating effects of password reuse. In less than 48 hours of its rollout, thousands of accounts were on sale on the Dark Web.
With newer breaches coming to light every single day, password habits require constant vigilance. Educating yourself on better security hygiene is the first step. Understanding what pwned passwords are and why you mustn’t use them is imperative.
According to Have I Been Pwned, “Pwned Passwords are real-world passwords previously exposed in data breaches.” These are searchable online and remain unfit for ongoing use. If your online accounts are pwned, your email, password, contact number, and other confidential details open up to cybercriminals.
Should You Worry?
Understand that personal information remains fully accessible on the internet. The bad guys then sell it on the black market for insane value. Besides, once attackers have access to password patterns, they can easily create cracking customs.
Info leaks like this leave you vulnerable to scams, spams, identity theft, and other deceitful activities. Even complex passwords that show up in data breaches help with dictionary attacks. Thus, utilizing strong and unique passwords reduces the risk dramatically.
What Can You Do? Stop Using Pwned Passwords!
Does your password look like a cat walked across the keyboard? If yes, that is great. If not, you may be at a greater risk of encountering a cyberattack.
Data leaks are unfortunate and widespread in the internet-connected world. People suffer embarrassing beaches due to human error, hacked servers and misconduct.
So how can you keep your information safe on the internet? First, stop using exposed or similar passwords.
Compromised passwords, as the term suggests, are a considerable threat. If attackers gain access to one account, they can also reach your other accounts. It, then, results in a domino effect where the attackers gain control over multiple of your accounts.
Sloppy password practices make things easier for malicious hackers in gaining unauthorized access to various accounts and information. Once the sensitive data is out in a breach, it’s somewhat impossible to regain control of it. Besides, small and medium businesses face enormous financial and reputation losses.
You cannot move away from using passwords anytime soon since there still is no ubiquitously reliable alternative. But you can certainly keep up-to-date with your digital activities. Do this in the event of pwned passwords and email addresses:
- Choose unique passwords
- Change passwords frequently
- Do not utilize or recycle compromised or weak passwords
- Do not enter additional details wherever it isn’t necessary
- Block unwanted email senders
- Do not save information for future use
- Unsubscribe from unwanted emails
- Update all devices and applications
- Use password managers
Check If Your Password Is Vulnerable
Today, multiple sites and services help you determine if you have a weak or vulnerable password. Google Password Checkup is one popular service to know if your sensitive information is circulating on the dark web. Others include Firefox Monitor, LastPass Password Generator, and the most popular, “Have I Been Pwned.”
What is it? It is one of the most popular hack-finding tools. The website safely confirms whether or not your email address or phone is in a data breach. It browses through multiple records to notify you of the good or bad news.
If you have been pwned, change the password for that email and the services it is in use for. Risk prevails if you utilize the same login password for multiple other applications. So use a mix of symbols, numbers, and alphabets in upper and lower case to safeguard your account.
1Password integrates with https://haveibeenpwned.com/ to keep an eye on your logins for any security infringement. It is a reliable password manager the world uses. With this, you can create unique passwords, enable Two-Factor Authentication (where necessary), and stay up to date about any threats.
When it comes to password policies, there is no “set it and forget it” rule. Password protection is a continuous process, both users and companies must be aware of. Coming up with creative ways to defend yourself against cyber threats is the only game changer!