It’s Time To Change Your Password

Hacks come in many different forms; keyloggers, viruses, phishing, brute force. In most cases, it’s a misstep of the user. You clicked a bad link, you opened a suspicious document that your “Grandma” emailed you. Maybe your password is just “password.” There are many easy ways to avoid the day to day phishers and scammers, but even if your an internet savant with a 15 character long password that looks like: {A2q%yu]+d4@&o), you might not be safe.

Every once in a while you’ll see a news article with a scandalous headline about your favorite website getting hacked. It’s not your fault, they just have bad security. Your 15 character password is now on some spreadsheet being sold for 12 bitcoin on the deepweb. Hopefully the article ends with a plea to change your password and that’s the end of it.

What happens to the site hacks that never make it to the news? They might send out a small inconspicuous email asking you to change your password, but that email will probably be filtered out anyway. “Have I Been PWNed” is a tool to see which accounts of yours have been compromised. HIBP aggregates all the data from “publicly leaked ‘breaches’ or in other words, personal account data that has been illegally accessed then released into the public domain.” You can then use your email to cross-reference their list, seeing if you have an account on a site that’s been hacked. I learned that an old throwaway email that I’ve used for over a decade was linked to several compromised websites, including Adobe, Patreon, Tumblr, and even Neopets.

I highly recommend taking a look at HIBP to make sure your accounts are protected. If you see a compromised account, it means that your personal information is publicly available, and  theoretically anyone has access to that account.

About William Enders

A sophomore Design and Technology major at Parsons School for Design, focusing on interactive media and video games.