A couple weeks ago, I wrote about where you should store your online passwords. There are a variety of password manager apps that you can use. These apps allow you to store them in a safe place. When you need to create or update a password, they can help you make a unique password for each login. Last week, another good reason to check your passwords came to light. It was revealed last week that a data breach dubbed “Collection #1” was uploaded to the MEGA online cloud service. The fallout from that data breach is staggering:
- Collection #1 is a set of email addresses and passwords totaling 2,692,818,238 rows;
- In total, there are 1,160,253,228 unique combinations of email addresses and passwords;
- The unique email addresses totaled 772,904,991; and
- There are 21,222,975 unique passwords.
Are you nervous yet? If not, you should be. You can go to Have I Been Pwned to see if your email address is affected by this data breach.
So What Should I Do?
Even if you don’t use HIBP to check if your email addresses are included in the data breach, now is a good time to change your passwords. It never hurts to have an added layer of security. When you change your password, many sites will tell you the last time you updated your password. Hopefully, your passwords had been updated sometime in the last year? (I know a certain someone whose password was last changed in 2004…).
When you are creating new passwords, try to make them unique. Also, do not use the same password across all of the login sites you access. Need some ideas? I can give you an idea of what not to choose. Splash Data released its list of the 100 worst passwords of 2018. The Top 20:
- 123456
- password
- 123456789
- 12345678
- 12345
- 111111
- 1234567
- sunshine
- qwerty
- iloveyou
- princess
- admin
- welcome
- 666666
- abc123
- football
- 123123
- monkey
- 654321
- !@#$%^&*
So if you’re choosing a new password, let’s make sure you aren’t using one of these (or some variation of these). After you’ve updated your passwords, make sure you have them stored somewhere safe. And if you keep a list of passwords with your estate plan documents, make sure that list gets updated as well.
Next Steps
If you haven’t updated your passwords since George Bush was president and don’t have a will or health care power of attorney, call my office to set up a meeting and we can review the best options for you – (877) AMAYERS.