Who knows your password?
Head over to haveibeenpwned.com to find out! This website shines a spotlight on how the large number of data breaches is affecting us personally. When you enter your email address, the website looks through records of hacked accounts and points out which of them affect you. Being on the list means that the information stored on a hacked site (possibly including the password in use at the time of the hack) should be considered in the public domain.
Looking up your own information makes for a jarring experience: it shows that many of our personal accounts have been compromised, sometimes years ago. And if you are like many technology users who try to “keep it simple” by using the same password on multiple sites, you will be shocked to realize that this practice may have exposed additional information to anyone who can now try your (now public) logins on other sites you use.
So what will you get out of knowing if you’ve been hacked before? Isn’t it too late anyways? Do you prefer to keep yourself sane rather than freak out over hacks of the past? I have had those same thoughts – but you’d be dead wrong. Here are the next steps that haveibeenpwned.com allows you to take:
- Know which sites have been hacked. Change the password and assess what personal info may have been taken.
- Understand that the information stolen can be used against you and possibly against people you contacted. There are a number of attacks that use the stolen information to defraud you!
- Know which passwords are compromised. Go through all your accounts and make sure each of these passwords is retired.
- Going forward: use strong random passwords that are not reused on other sites.
- Start using a password manager that encourages you to use strong passwords. My favorite for Apple users is iCloud Keychain.
- Enable 2-factor authentication on every possible account.
Leave a comment below and post an emoji that describes how you felt when you found out how many of your accounts had been compromised…