Passwords Leaked Online From Past Data Breaches

For now, users concerned about leaked passwords and other sensitive information are urged to take a few actions, as advised by CyberNews.

• Use a reputable data leak checker where you can enter your email address to find out if your account may have been caught in a breach. Sites worth trying include Have I Been Pwned, Firefox Monitor, and Avast Hack Check.
• If you know or even suspect that one of your accounts was caught in a data breach, change your password immediately.
• Consider using a password manager to create, store and apply strong and secure passwords for your online accounts.
• Enable multi-factor authentication on any accounts where this method is offered.
• Look out for an increase in spam and phishing emails through which attackers try to use your leaked email address to scam you.

And though passwords continue to seem like a necessary evil, other more secure authentication methods are available, especially for organizations.

“Companies and users need to treat these developments as a wake-up call to end their overblown reliance on passwords,” said Veridium’s chief revenue officer, Rajiv Pimplaskar. “Passwordless authentication methods such as phone as a token and/or FIDO2 (Fast Identity Online) security keys are now commonly available. Such solutions create an un-phishable connection between the user and the IT system and eliminate the need for a password, thereby reducing the attack surface and making the environment more resilient against cyberattacks.”

Contact OFM for strategies to help secure your environment.
Read the full original article here.