Billions of our passwords are now online for anyone to see.

You may not be aware, but the bad guys have been stealing our passwords for years. This data has been floating around the ‘dark web’ for ages, but has only recently made it onto the public web. On the dark web, your passwords were quite hard to come by. On the public web, your passwords are there for the world to see. This has important implications, because if you haven’t changed your passwords in a while, then one or more of your current passwords may be available online. And if you are in the habit of re-using passwords, then your digital skeleton key may be a quick search away.
 
You can check to see if you are exposed by searching with your name and email addresses (old and new) here: www.leakedsource.com.
 
Note that you’ll need to spend $2 to see which of your passwords are in the system. For the record, I am in no way affiliated with www.leakedsource.com.
 
At this point, you may decide that a different approach to passwords is required going forward. That’s certainly my view. And that's why I’ve written a short book to help us all get better at securing our password-protected systems. You can download a version of the (PDF) book for free from the online store.
 
I can’t emphasise enough how vulnerable some of us may now be given the broad availability of this personal data. A random review of a couple of dozen email addresses has revealed:

  • A lot of people I know are in the database
  • About 30% have one or more passwords in there
  • Lots of passwords are old, but millions are quite recent with new data added every month
  • Telephone number searches can throw up lots of personal data (home address, home phone, email, date of birth)

When you’re ready to shore up your accounts, the book will walk you through the process. As well as a plain-speaking explanation of the dangers of guessable (and easily findable) passwords, it also includes a simple, people-friendly password generator which ensures that:

  • Your passwords aren’t known to anyone or any system (including the cloud)
  • Everyone can have unique, strong and easily accessible passwords - not just the tech-savvy

You can also use this system to make your password-change-day at work less of a pain. Here’s the video.

Please take a moment to share this information with friends and family (share buttons below). You don’t want them to be the last ones to find out. And please don’t shoot the messenger. This data is out there and it is (IMHO) better that you are aware of the threat sooner rather than later. 

Simon Gibbard