Privacy Mythbusting #2: My Password Keeps Me Safe. (Not Necessarily!)
If you’ve ever used the same password on more than one website, then your accounts may be compromised due to data leaks. Once a hacker gets your login information from a single site, they can try it on other sites. Many hackers use automated tools to cycle through leaked password lists, trying them on many popular websites.
You may have heard of a few of the high-profile data leaks in the past few years from prominent social media and gaming companies. Believe it or not, there have been over 200 major websites that have had their data leaked over the past few years, enabling your passwords to be used by hackers.
In 2013, the website Have I Been Pwned? was built, which allows you to check if your password has ever been leaked. (Fun fact: “Pwned,” derived from owned, is video game slang for when someone is utterly defeated!)
How can you stay safe in a world of data leaks?
- Use a different password on each website.
- Use a password manager like 1Password or DuckDuckGo Private browser that generates secure passwords and stores them for you safely.
- Use two-factor authentication (2FA) wherever possible. You can check if major sites have 2FA available at https://twofactorauth.org/