Hundreds of thousands of people are using passwords that have already been hacked

1.5 percent of all website logins use compromised credentials, a figure that’s higher for porn websites, according to data from a new ‘Password Checkup’ Chrome extension.

Karl Bode for Vice:

A new Google study this week confirmed the obvious: internet users need to stop using the same password for multiple websites unless they’re keen on having their data hijacked, their identity stolen, or worse.

It seems like not a day goes by without a major company being hacked or leaving user email addresses and passwords exposed to the public internet. These login credentials are then routinely used by hackers to hijack your accounts, a threat that’s largely mitigated by using a password manager and unique password for each site you visit.

Last February, Google unveiled a new experimental Password Checkup extension for Chrome. The extension warns you any time you log into a website using one of over 4 billion publicly-accessible usernames and passwords that have been previously exposed by a major hack or breach, and prompts you to change your password when necessary. The extension was built in concert with cryptography experts at Stanford University to ensure that Google never learns your usernames or passwords

This latest study found that the risk of hijacking was highest for video streaming and porn websites, where between 3.6–6.3 percent of logins relied on breached credentials. That number was much lower for financial and government sites, where only 0.2–0.3 percent of logins involved compromised login information, Google found.

MacDailyNews Take: As always, employ strong, unique passwords for every service and use multi-step verification wherever possible.

Mac users can use Apple’s Keychain Access and iCloud Keychain to create and manage them. For those of us who are smartly all-Apple, it works like a dream.

3 Comments

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.