Are your passwords doomed?
We all know by now that the biggest of tech companies, financial institutions and online retailers are all susceptible to hacking and breaches. For the most part, it’s just a matter of time before you’re personally affected by the miscreants whose day and night jobs it is to hack and extract as much sensitive data that will net them top dollar.
The crown jewels for these Indiana Jones Hackers of Doom are your passwords. Those things we love to hate. They’re necessary to secure our online activities, but oh such a P.I.T.A. trying to come up with clever ones (or not), and of course, trying to remember them. (There are Password Managers for that.)
Whether we like it or not, passwords are ingrained into our digital lifestyles. The more we do online, the more we use them. And the more those miscreants will don their Indiana fedora in search of your holy grail.
Instead of fretting over it and just waiting for it to happen to you, you can be pro-active by using some online tools specifically created to let you know if your passwords have been leaked in security breaches.
It Starts with your Browser
Many people and clients of mine don’t really know what an Internet Browser is. They just think it’s ‘the internet’. Or, the most common answer I get when I ask, “What internet browser are you using?” is, “Google”. And sometimes I get, “what’s an internet browser?” And even more scary is when I hear, “AOL”, or Internet Explorer”!!
Your internet browser is the program or app that you use to browse the internet. They are two different things. The definition is actually in the name: “Internet” “Browser”. Where ‘Browser’ is used as a noun whose root is a verb. It’s a thing, that performs an action – on the Internet. (for those who want a grammar refresher, check out Wonderopolis)
Google’s Chrome and Mozilla’s Firefox are two of the most popular internet browsers. Chrome now has a built-in feature called Password Leak Detection. What this does is compare passwords and usernames that you enter while browsing against over 4 billion credentials that Google knows to have been compromised. If your credentials are a match, you will receive a warning that your username and password have been compromised in a data breach on some site or app.
This does not mean that your Google account has been hacked, it means that your username and password combination that you just entered have been breached ‘somewhere’ on the internet, and you’re advised to change your password for any & all accounts that use that password.
However, remembering where you’ve used that username/password can be difficult when sometimes having upwards of a hundred or more online accounts (or even just a handful). So try to think of as many as you can and change the passwords for those. And, being mindful that you now know about your breach, as you daily browse the internet and access your various accounts, begin changing your passwords to help thwart any abuse of those accounts.
There are some additional tools such as Avast’s Hack Check and Have I Been Pwned where you can check if specific email addresses or passwords have been leaked. If you use either of these tools and they indicate your information was leaked, follow their advice and update your credentials on all accounts affected immediately.
Firefox also has a data breach checker called Firefox Monitor that basically does the same as Avast and Pwned. However, you can sign up for a Firefox account and receive email alerts if your information surfaces in a new data breach for multiple email addresses. They also offer advice on what to do to keep your data safe from cyber criminals. If you use the Firefox Browser and already have a Firefox account, you can use that to log in.
Passwords are our arsenal to protect our digital assets. And those assets may be simply a log-in to post to a cooking blog, or as sensitive as access to our bank accounts and credit systems. And some people use the same credentials for them all. Take a proactive approach and check your credentials to see if they’ve been leaked so you can take the appropriate actions to secure your assets.
Better yet, schedule quarterly security check routines using these tools and others to stay ahead of the miscreants on the quest for your holy grail.