Check the security of your accounts instantly.. 24 billion usernames and passwords leaked to the dark web

Digital Shadows, the leading provider of threat intelligence and digital threat protection, has published a new study that quantifies the extent of password breaches globally. Experts revealed that there are more than 24 billion usernames and password combinations circulating in cybercriminal markets, many of them on the dark web, and this number represents a 65% increase from the previous report in 2020. read more The study notes that a shocking number of them use passwords that are too easy, despite repeated warnings. Many of them are circulating on the dark web where cybercriminals hide. Alarmingly, people continue to use easy-to-guess passwords. Digital Shadows found that the word “password” along with the classic “qwerty” ranks among the top 50 incredibly easy-to-guess common passwords on the web. The study also found that almost one in every 200 uses the password “123456”. Digital Shadows experts say 49 of the 50 most commonly used passwords can be “hacked” in less than one second with easy-to-use tools commonly available on criminal forums. Adding a special character like # or * can add up to 90 minutes to the time it takes the fraudster to solve the password. Once the hacker breaches the password database and takes the data, they can proceed to do something called credential stuffing, where they try the same usernames and passwords on a lot of other sites, to see if you’re using the same login details. read more “We will be moving into a passwordless future, but right now the issue of credential hacks is out of control,” said Chris Morgan, Senior Cyber ​​Threat Intelligence Analyst at Digital Shadows. “Criminals have an endless list of hacked credentials to try, but Adding weak passwords to this problem means that many accounts can be guessed using automated tools in just seconds.” Experts urge users to consider using a password manager, a software application that helps generate and retrieve complex passwords, potentially stored in an encrypted database, or an account designated on demand by the user himself. Multi-factor authentication (MFA) can also be used if available, allowing people to confirm their identity using personal identification numbers, facial recognition or fingerprints instead of a password. It is also best to use unique passwords for each site you use, rather than one password for everyone. Source: The Sun

Leave a Reply

Your email address will not be published. Required fields are marked *