A Friendly Reminder About Password Reuse And Just How Pwned You Are

Source: Slashdot A Friendly Reminder About Password Reuse And Just How Pwned You Are

As Well As Ways To Avoid It

Password reuse is common, according to this Google study it is a significant problem which affects hundreds of thousands of people and their many different accounts.  There are tools such as Have I Been Pwned which allow you to check to see if your email accounts have been involved in a past breach, as well as a tool to check to see if hackers are also fond of your favourite passwords.  For the average user this may be confusing and terrifying as they don’t have the context to understand what the results mean.

To make things a little easier, Google released a Chrome add-in call Password Checkup which you can install and use to check your chosen username and password combination against several billion which have been involved in a breach and will politely suggest you choose a different one.  Cryptography experts at Stanford University worked on the development of this app, so it should not be a source of a breach and Google won’t be receiving your password in plain text.

You should also consider a using a password manager such as LastPass or 1Password which lets you securely store your login info so that you don’t have to remember 32 separate unique user and password combos.  If that doesn’t appeal to you, then remember that computers are much quicker at guessing ‘Pa55w0rds?!” than they are “These password rules smell funky!” … assuming the person who set up the password didn’t have the brilliant idea to restrict your choice of characters. 

To that end, last February Google unveiled a new experimental Password Checkup extension for Chrome. The extension warns you any time you log into a website using one of over 4 billion publicly-accessible usernames and passwords that have been previously exposed by a major hack or breach, and prompts you to change your password when necessary.

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

5 Comments

  1. Jeremy Hellstrom

    This would have been posted earlier … but I had to deal with a user that got hacked.

    • Sebastian Peak

      Did you really post this?

      Jeremy??

      (What if Jeremy has been hacked?!)

      • Jeremy Hellstrom

        Then I would have happily went home!

    • Tim Verry

      haha funny. Is the Password Checkup tool using the pwnd database similar to (iirc) 1Password’s Watchtower feature? If so I may have to check it out, Have I Been Pwned is a good place to start but [intentionally] makes it hard to figure out which account u/n and password combination may have been involved in X specific service breach while it’s my understanding that 1Password since they have the missing pieces is able to tell you which specific account was hacked and which password compromised.

  2. AcidSnow

    I totally use 1 password for 90% of my accounts :\ I’m basically food for the haX I guess.

Leave a reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!