Watch out! Your passwords may be on this hacked server
Hundreds of millions of stolen passwords
All these passwords, which are encrypted at over 225 million, have already been submitted to the HaveIBeenPwned website. This free online service serves to alert users that they have leaked their password. It is very useful to find possible vulnerabilities if an email account, social networks or any platform on the Internet are unprotected.
These 225 million keys become part of the 613 million passwords existing in HaveIBeenPwned. This includes accounts of all kinds, since it affects banks, social networks such as Facebook or Twitter, email, Internet forums ... We must remember for almost everything we use passwords today and vulnerabilities can occur at any time .
Something very common is that a service in which we are registered has a problem and the data is filtered . Basically, all passwords are exposed on the network and that means that a hacker can also access them and use them to spoof the identity, reach other contacts, sneak malware ...
If you want to check if any of your passwords were inside this server with hacked keys, you can do it easily from the HaveIBeenPwned website. In addition, you can see if any other key, even if it was not part of these 225 million, has been stolen at some point. It is very useful to increase security.
Tips to avoid key theft
Now, what can users do to prevent their passwords from being stolen? It is true that sometimes the problem is in a leak that has occurred in an online service that we use. In that case, it does not depend only on the user, but we can prevent problems.
The most important thing is to use passwords that are strong and complex, as well as unique. We must use letters (both uppercase and lowercase), numbers and other special symbols. All this randomly and you mustn't use it in more than one place, since it can produce a domino effect.
But also, it is interesting that those passwords are changed periodically . This is precisely what is going to help so that, in case there is a leak on a page that we use, we can solve the problem and an attacker cannot access the account.
Beyond this, we should also turn on two-step authentication whenever possible. It is an extra security barrier that we are going to add to our accounts. A hypothetical attacker, even if they figure out the password, would need a second step to gain entry.