Apparently, this is not the first go-around for a company or entity called RockYou. This LastPass article titled RockYou2021 Breach: How to Keep Your Data Secure Now is actually the last item in this week’s official news notes.
Here’s what we know. We know that potentially 8.4 billion passwords in a 100GB text file were posted online to a hacker forum by an anonymous source.
The name apparently comes from the 2009 hack which first exposed 32 million passwords.
The article indicates that the global online population is 4.7 billion people, and the 8.4 billion is almost double this amount.
This is nothing to sneeze at. This may be the biggest dump we’ve ever seen to date. I personally almost fell out of my chair when I heard this.
You can do something about this right now. The first thing you should do is keep up with your password habits. There are three bullet points to this.
- Never reuse your passwords: This includes never reusing your LastPass Master Password! Using the same password for multiple accounts means that if a hacker ever got hold of just one password, that one password would open several doors to your personal data. Use a unique password for every online presence you have.
- Use strong, complex passwords: An easy to remember (weak) password translates into an easy to crack password for hackers online. Always create strong, complex passwords for each of your accounts.
- Update your passwords: Keep hackers out of your personal data by regularly updating your credentials. Hackers may want to continuously access your account after a breach, and resetting your password can shut the door on compromised data in the future.
I need to get better at doing item 3. With most people not doing much of anything, most of my passwords are strong, although I have a few passwords that I’ve used on multiple sites. I’ve not done that in most cases, and I’ve tried my best to stop that habit.
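The three habits above can be checked offline against your own vault. The Python script below is an added example, not code from LastPass or the original article. The CSV column names, the sample entries and the 365-day age threshold are assumptions, and the wordlist is a small constructed stand-in for a leaked list like the one described here.

```python
import csv
import io
from collections import defaultdict
from datetime import date

# Constructed sample vault export (hypothetical columns: site, password, changed).
VAULT_CSV = """site,password,changed
mail.example,correct-horse-battery-staple-91,2021-05-02
shop.example,sunshine1,2019-01-15
forum.example,sunshine1,2020-11-30
bank.example,Tr0ub4dor&3xK!vq,2018-03-09
"""
# Constructed stand-in for a leaked wordlist: one password per line.
LEAKED_WORDLIST = "123456\npassword\nsunshine1\niloveyou\n"

def find_reused(entries):
    """Habit 1: groups of sites that share one password."""
    sites = defaultdict(list)
    for e in entries:
        sites[e["password"]].append(e["site"])
    return sorted(sorted(s) for s in sites.values() if len(s) > 1)

def find_leaked(entries, wordlist_lines):
    """Habit 2: stream the wordlist once, so memory use depends on the
    size of the vault and not on the size of a multi-gigabyte list."""
    wanted = {e["password"] for e in entries}
    hits = set()
    for line in wordlist_lines:
        candidate = line.rstrip("\r\n")
        if candidate in wanted:
            hits.add(candidate)
            if hits == wanted:  # nothing left to look for
                break
    return sorted(e["site"] for e in entries if e["password"] in hits)

def find_stale(entries, today, max_age_days=365):
    """Habit 3: passwords not changed within max_age_days (assumed threshold)."""
    return sorted(e["site"] for e in entries
                  if (today - date.fromisoformat(e["changed"])).days > max_age_days)

def audit(vault_text, wordlist_lines, today):
    entries = list(csv.DictReader(io.StringIO(vault_text)))
    # Report site names only, so the output never contains a password.
    return {"reused": find_reused(entries),
            "leaked": find_leaked(entries, wordlist_lines),
            "stale": find_stale(entries, today)}

if __name__ == "__main__":
    report = audit(VAULT_CSV, io.StringIO(LEAKED_WORDLIST), date(2021, 6, 15))
    for habit, sites in report.items():
        print(habit, sites)
```

For a real wordlist, pass an open file handle such as `open(path, encoding="utf-8", errors="replace")` as `wordlist_lines`, and delete the vault export once the audit is finished.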
Do you use a password manager that has an option for dark web monitoring alerts? This is another tip given by LastPass. It can alert you if something goes awry. It monitors your email addresses within a list of breached credentials and alerts you via email or within the LastPass dashboard. No password hashes are ever shared, but the notice of an email address finding may be crucial.
The next tip is multi-factor authentication. We’ve covered this through the technology and security box podcasts time and time again. This can’t be stressed enough! Let’s try to do our best when it comes to doing this, because our life now depends on it!
MFA requires additional information beyond a username and password to grant access. A user can more rigorously prove that they are the person they claim to be by supplying two or more “factors” — like a fingerprint and use of a trusted device.
There are lots of links within this article, so go and read the full article to get the most out of it and link to things of value. Again, the article is titled RockYou2021 Breach: How to Keep Your Data Secure Now and please stay safe!