If you've read the news or even been on the planet, you are aware that data breaches in recent years have impacted billions of internet users. The breeches and hacks are continuing to impact users at an increasingly alarming rate. Email addresses, birthdates, security questions, social security numbers, user names and passwords have all been compromised in the process, making it harder for people to know how to keep their information secure, and know whether they’re at risk. Most people who have been hacked don't even know it until the damage is done. People are not regularly running scans on their PCs, laptops or servers. One of the most important steps toward better online security is making sure passwords are strong and haven’t already been compromised in a data breach. They are billions of passwords for sale to anyone, on the dark web. Unfortunately, what that means for you is that chances are good that your favorite, most used and trusted password is already for sale or sold.
In 2017, over 1 billion passwords were hacked, leaked, then dumped in an online document for free, making it easier for hackers to access personal online accounts. To reduce the risks that come with a bad or compromised password, the cyber-security firm Okta is offering a free Chrome extension called PassProtect for people to verify whether their passwords have been compromised. The tool automatically checks whether your password has been hacked by verifying it against the Have I Been Pwned? service, a free resource that allows people to check whether their online accounts are at risk or already damaged due to data breaches. These two tools combined can be a game changer for people that take advantage of these services. Everyone who reads this should go directly to their sites and install the plugins. The tool has been described as a “new, experimental way to help individual users play a more active role in protecting their online accounts.” If the password entered on PassProtect is found to be a match with information on the Pwned database, the extension will alert you that it’s compromised. The tool works automatically when a user tries to sign on to any online account. The warning will also show up if a password is too simple or hasn’t been changed in a while. PassProtect is an easy way for less technically savvy Internet users to ensure their most basic online safety. “We believe that by informing and guiding users to reset their credentials when necessary, we can all help make the web a safer place,” Okta head Randall Degges explained in an overview of the extension.
But even with these two new tools, users need to be diligent and remember the basics of password creation and management. Always be sure to create strong passwords that are not easily guessed, utilize two factor verification, and change your passwords often. And never use the same password for your personal, financial accounts online as any other account. To read more about password best practices, please visit our blog post and download our whitepaper about password best practices: