Solving puzzles is the fun and games side of cryptography and security… but there’s a serious side to this stuff that we like to point out from time to time.
With a few seconds of effort, you can do a simple check to see if any of your online accounts are known to have been compromised.
have i been pwned?
haveibeenpwned.com aggregates the data of known security breaches and allows you to search their database for your email address(es).
Steps to Follow:
- Go to haveibeenpwned.com
- Input your email address to see what, if any, accounts have been compromised.
- Change every password that shows up on their list.
- Change any other account that you own that uses the same compromised password. This is really a important step.
If you aren’t using a password manager, I highly encourage you to get one. I wrote a longer piece on them a few years back.
- Password managers are vaults that encrypt and store your usernames/ passwords.
- They have browser extensions and mobile apps that make them easy to use.
- They have the ability to generate and save unique, long, random, alphanumeric passwords.
- Having unique passwords for every single account means that the compromise of one doesn’t compromise them all.
“I’m not a target”
If you’re thinking something along the lines of:
- “I’m not special, no one is going to target me.”
- Most accounts are attacked by automation. Bots don’t care who you are.
- “Meh, if my accounts get hacked, ¯\_(ツ)_/¯ .”
- You say that now. You’ll feel different if you’re a victim.
- “I’m don’t have anything to hide.”
- Yeah, you do. You have credit card numbers, bank accounts, ecommerce accounts, social networks, and all sorts of other things that are way juicier and more valuable than you’re imagining.
Please, invest the time to handle your passwords properly.
Practice safe computing.