A Friendly Reminder About Password Reuse And Just How Pwned You Are
As Well As Ways To Avoid It
Password reuse is common, according to this Google study it is a significant problem which affects hundreds of thousands of people and their many different accounts. There are tools such as Have I Been Pwned which allow you to check to see if your email accounts have been involved in a past breach, as well as a tool to check to see if hackers are also fond of your favourite passwords. For the average user this may be confusing and terrifying as they don’t have the context to understand what the results mean.
To make things a little easier, Google released a Chrome add-in call Password Checkup which you can install and use to check your chosen username and password combination against several billion which have been involved in a breach and will politely suggest you choose a different one. Cryptography experts at Stanford University worked on the development of this app, so it should not be a source of a breach and Google won’t be receiving your password in plain text.
You should also consider a using a password manager such as LastPass or 1Password which lets you securely store your login info so that you don’t have to remember 32 separate unique user and password combos. If that doesn’t appeal to you, then remember that computers are much quicker at guessing ‘Pa55w0rds?!” than they are “These password rules smell funky!” … assuming the person who set up the password didn’t have the brilliant idea to restrict your choice of characters.
To that end, last February Google unveiled a new experimental Password Checkup extension for Chrome. The extension warns you any time you log into a website using one of over 4 billion publicly-accessible usernames and passwords that have been previously exposed by a major hack or breach, and prompts you to change your password when necessary.