Password management is a painful chore, but as with all chores, a necessary one. In the digital age, data is everything and it must be protected. For now, locking up this data behind a password is the only solution.
With over a billion users using the internet and hundreds of millions of stolen usernames and passwords making the rounds of the internet, finding a secure password is important.
To assist in this task, Troy Hunt, a security expert, blogger and speaker who also works as Microsoft Regional Director set up a site called 'Have I been pwned'. The site is simplicity itself.
Hunt collated the millions of stolen credentials circulating in the dark annals of the internet and created a password database. All you need to do is head to Have I been pwned and enter your existing passwords as well as passwords you intend to use. The site will then confirm whether the password has been leaked or not. Basically, you check your passwords on the site, if it's given the green light, use it, if not, change it.
It's really that simple!
Why does this matter?
Even with the massive amounts of computing power available today, a well-secured account isn't that easy to access. A technique called brute-forcing, which basically tries to hack an account by trying every concieveable combination of letters, numbers and special characters as a password, is one of the simplest and reliable methods to hack an account. However, a complicated password will mean that an account can take years to brute-force.
To speed up this process, hackers use a password database as the first step. This database is usually a list of all the stolen passwords ever released online. A brute-forcing attack will still need to try hundreds of millions of passwords (usually sorted by popularity), but the process is still much faster with the database than without. People also tend to use the same password for multiple accounts.
This is an oversimplified explanation of why such a database can be useful, but you must have understood the point by now. A unique password will help enhance your account's security.
Of course, taking other precautions, most notably the use of two-step authentication, will be keep your accounts far more secure.
Updated Date: Aug 05, 2017 11:42 AM