21 days of security

Have you ever checked to see if your password has been discovered by attackers and is known by them?  There is a site called “https://haveibeenpwned.com/” that has accumulated many email addresses and passwords that have been in data breaches.  The site checks to see if any password of yours has been discovered.  Recently Brian Krebs has had several stories about how phishing emails have been sent with old passwords being used in the email to frighten you into thinking the attackers had some information about you.

Pwned or being owned, is slang for the process of taking over your account.  The database showcases the sites and databases that were exposed in data breaches.  You can then think of all the times you used THAT password on a web site and determine how many sites might be compromised.  Better yet using a password management program can ensure that you can use strong passwords or passphrases.  Changing passwords and adding multi factor authentication is one of the key things you can do on any cloud service you are concerned about.

So?  Did you find your passwords have been breached?