Check your passwords

Have I been pwned? has been round for a long time and has allowed users to check their email/phone against known data leaks or hacks where information has found it's way onto the web/dark web.

Today, the UK NCA shared a database of 585 million compromised passwords with the site, which gives us an added resource of things to check.

So, if you can, before you reset you next password - check here

You may think your dogs birthday is special and no one will know it, but try it....

Why is this important?

Well if you are trying to breach a system, you can just try a brute force attack, trying every combination.  This takes time and resources and is quite often detectable.

Phishing attacks  are targeted and you may be susceptible. But a nice middle ground is using a limited set of known/common passwords.  Either dictionary attacks and combinations of databases such as this.

You may think that 585 million is a lot to search - but its not many for a decent computer.   Certainly faster than searching the hundreds of billions what a complex password character set would afford.    

Pro tip.   Don't use passwords from comics or sources like this. correcthorsebatterystaple has been used and pwned.

Hopefully you will be swimming in a sea of green...

Lets not make it easy for hackers this Christmas.