Security this week: Keeping track of compromised accounts

When it comes to staying secure on the web, I strongly recommend that everyone uses a reliable password manager. Password managers allow you to easily use a unique password for every single online service you use.

Having a unique password for each online service is key, because when you recycle passwords, one website hack suddenly opens up your entire online identity.

Unfortunately, password managers haven’t always existed, and in the past you’ve probably reused the same password for multiple websites. In fact, you’ve probably forgotten about half of the websites you signed up for throughout your online life.

A long time ago, I picked a great password, and used it EVERYWHERE. That’s a really bad idea. If one website was ever hacked, then all of the services I used that password for were also potentially compromised.

Now, years later, how do I determine which websites I signed up for, and which ones still have that one old password?

Easy.

I use the website haveibeenpwned.com.

This site maintains a huge database of accounts that have been compromised. Type in your email address (I even check my old email addresses) and it’ll let you know if you’re on any of the lists of compromised email password combinations. This doesn’t solve the problem for you, but it will at least let you know if any of your accounts have been impacted.

As always, the safest way to manage your online identity is to use a unique password for every service. You should always rotate your passwords regularly (I recommend once every six months).

Categories:   Archive
Brian Masson
By Brian Masson
Disclaimer

The information and tips shared on this blog are meant to be used as learning and personal development tools as you launch, run and grow your business. While a good place to start, these articles should not take the place of personalized advice from professionals. As our lawyers would say: “All content on Wave’s blog is intended for informational purposes only. It should not be considered legal or financial advice.” Additionally, Wave is the legal copyright holder of all materials on the blog, and others cannot re-use or publish it without our written consent.