- A 100GB text file containing 8.4 billion passwords was recently posted anonymously to a hacker forum
- Dubbed RockYou2021, a hat tip to the RockYou breach of 2009, it's the largest known data leak to date
- RockYou2021 comes months after more than 3.2 billion credentials were posted in the Compilation of Many Breaches (COMB) leak
- Like COMB, RockYou2021 contains data from many previous leaks
- CyberNews warned that, because of the large number of unique passwords in this breach, threat actors can "mount password dictionary and password spraying attacks" against online accounts
- Password spraying means trying the same password against many accounts, cycling through the accounts until a password works
- The Verizon Data Breach Investigations Report says compromised passwords are responsible for 81% of hacking-related breaches
- Many security experts recommend changing your passwords as a result of this leak
- As we spend more time online, managing an ever-increasing number of passwords can be overwhelming. It even has a name: "password anxiety"
- In light of increasing cyberattacks, good password hygiene has never been more important
- Here are some tips:
  - Never reuse passwords
  - Use a strong, unique password for every account
    - Strong password: A minimum of 8 characters, numbers and symbols. Longer is better. Learn about NIST guidelines here: https://auth0.com/blog/dont-pass-on-the-new-nist-password-guidelines/
    - Even better, use a phrase that will be easy to remember but hard to crack or guess. For example: IL0v3L0c@l12N3ws!
  - Use a password manager to create and manage strong passwords and minimize password anxiety
    - Easily create and manage strong passwords for all accounts
    - Only need to know one strong passphrase, the one for your password manager account
    - Easily change passwords when necessary
    - Easily manage passwords and logins across multiple devices
  - Enable Multi-factor authentication (MFA), aka Two-factor authentication (2FA) or Two-Step Verification, for all accounts, especially your password manager
  - Use a site like haveibeenpwned.com to see if your credentials have shown up in any breaches. If so, immediately change your password(s)
  - Use Dark Web monitoring to proactively check for your credentials in data breaches
Based in Cincinnati, OH, the Brian Thomas Morning Show covers news and politics, both local and national, from a conservative point of view.