Hackers have the ability to brute force or guess every possible combination of a password. Once they do that they run these passwords through the same encryption that the website uses and compares the results. If they find a match then they have been able to successfully get your password.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_custom_heading text=”Unique Passwords”][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]This is the perfect example of why everyone should be using unique passwords for every website. Hackers will often time exploit a persons password reuse to get into other accounts that user may have. Let’s assume that you had an account with Adidas and that the password for your Adidas account and Facebook account were the same. If an attacker were able to brute force your encrypted password from the Adidas dump they would then have your Facebook password.
However, if you used a password manager and all the passwords for your websites were different the attacker would only have gained access to your Adidas account. They would not be able to use that password on other sites and then get into more sensitive parts of your life. This is where unique passwords really show their value.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_custom_heading text=”What To Do Now?”][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]If you have an Adidas account I would suggest changing your password immediately. After Adidas completes their investigation they may find that there was no issue, but I always say “better safe than sorry”. If you change your password now you know that any password that was leaked will no longer be valid and you can rest assured that the attackers out there will not be able to get into your account using that old password.
If you are not using a password manager, why not? Password managers help you to create unique passwords as well as strong and secure passwords which are harder to brute force. Finally, using a password manager makes changing a password on an individual site very easy, you just let the password manager generate a new password and you never have to remember it.[/vc_column_text][/vc_column][/vc_row]
Kyle Slosek is a security practitioner with 10 years of experience in enterprise Information Technology environments. Through out his career Kyle has performed everything from certification and accreditation to penetration testing and forensics. He holds a Bachelor of Science in Information Technology, a Master of Science in Information Assurance, as well as several industry certifications.
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.