Massive Password Leak: What You Need to Know
A recent release of nearly 10 billion passwords, dubbed RockYou2024, has raised concerns about the dangers of publishing massive password collections. The collection includes entries from the RockYou2021 Collection, as well as data from more recent breaches and leaks.
Why You Should Secure Your Accounts Immediately
With 9.94 billion leaked passwords, it’s essential to take immediate action to secure your accounts. If you haven’t changed your passwords for compromised accounts or reuse passwords, you may be an easy target for credential stuffing. This means that someone can find your leaked credentials online and try to break into your accounts.
How to Protect Yourself
To better protect yourself, follow these steps:
- Use a unique, random, and secure password for each account. Avoid using logical sentences or proper names, and consider using a password manager to generate and store complex passwords.
- Get a password manager. Password managers can help you keep track of multiple passwords and make it easier to enter longer, complex passwords into login forms.
- Set up two-factor authentication for your accounts. This adds an extra layer of security to prevent credential-filling attacks. One-time passcodes generated by an app offer a good balance of simplicity and security.
- Switch to Passkeys. Passkeys are a secure alternative to traditional passwords and two-factor authentication. They are unique, don’t require you to remember any information, and can’t be spoofed.
Understanding the Risk
The RockYou2021 Collection was previously released with 8.4 billion passwords, including millions of social media passwords. In comparison, the "Mother of all security holes" contained 26 billion personal data records, including more than just passwords.
How to Check If You’re Affected
You can find the full details of RockYou2024 in a report from Cybernews. The report reveals that 361 million email addresses were included in the leak.
Take Action Now
To avoid becoming a victim of credential stuffing, it’s essential to secure your accounts immediately. If you’re using compromised passwords or reusing passwords, change them as soon as possible and consider using a password manager to generate and store new, complex passwords.