For years, cybersecurity specialists have been insisting on the importance of using strong passwords to protect our online accounts, and more and more people are using passwords with random, long and complex terms, alternating uppercase, lowercase, numbers and symbols. However, the mere use of complex passwords is not enough to guarantee the security of an account, as even the strongest password can easily become vulnerable if reused on different platforms.
Massive leaks are the big problem
In the summer of 2021, the RockYou2021 password collection, a massive collection of login credentials of people around the world with more than 8.4 billion entries, appeared on the dark web. This document takes the form of a large plain text document that occupies more than 100 Gb, gathering the passwords of millions of people on different platforms, including social networks, emails and all kinds of websites.
The collection of passwords was carried out by hackers taking advantage of data from different data leaks that were occurring during the previous years on some of the platforms with more online users in the world, including social networks like Facebook or Twitter. In this way, anyone who is interested and knows their way around the dark web can access the RockYou2021 password list and locate the username and password used by anyone on any of these platforms.
The danger of reused passwords
Users who use unique passwords to access their accounts should not worry too much, as they are usually alerted by the affected platforms via email, or an internal message to change the passwords affected by the leak. A simple password update is then enough to keep access to accounts protected. But the problem comes when users use the same password to access all their platforms.
How can you prevent password theft?
There is little we can do to prevent data breaches at the large Internet companies we have registered with. It is up to these companies to multiply their efforts to protect access to their servers and the information in their databases. However, there are several measures we can take to limit the damage caused to our accounts by a possible leak. Some of these measures are:
- The use of password managers
A password manager is the ideal solution for this type of leaks, as it allows us to store dozens or even hundreds of different passwords without the need to memorize them or write them down on paper. Thus, these passwords can be extraordinarily complex and, above all, unique, so that a leak in one of our accounts will not affect the rest. In addition, password managers will also warn us if one of our passwords has been compromised, so that we can update it.
- Choosing secure passwords
Of course, whether we use a password manager or not, it is very important that we always use strong passwords to ensure that they are not easily hackable. Those who set simple passwords such as their pet's name or the popular '123456', run the risk of hackers figuring out these keys and breaching their accounts in a matter of minutes without having to wait for a leak on the online platforms where these accounts are used, so it is essential that every user does their part in protecting their online data.