Written by Andrew Trexler
A security researcher recently found a publicly accessible database that contained 149 million stolen credentials. The data contained millions of records for Gmail, Facebook and other sensitive services. While they were unable to determine the owner of the data, they did successfully get the hosting provider to remove the service, preventing others from accessing the data further, at least from that location.
While attackers stealing usernames and passwords and distributing them widely is troubling, there are still ways to protect yourself. Use MFA (multi-factor authentication) on all your accounts so that, even if a hacker has your password, they can’t access your account without your approval. Also don’t reuse passwords across accounts. This limits the impact of having a password stolen or leaked, as it will only work for that one site. Password managers are a great tool to make it easy to keep track of several different passwords. If you’re interested in more login security tips, please check out Brad Herring’s recent post about 8-character passwords.
Andrew Trexler
Search The Exploit Blog
Blog Categories
- AI
- Careers
- Choosing a Penetration Testing Company
- Exploits
- How To
- In The News
- Injection Attacks
- Just For Fun
- Meet Our Team
- Mobile Apps
- Networks
- Password Cracking
- Patching
- Penetration Testing
- Phishing
- PTaaS
- Raxis In The Community
- Red Team
- Security Recommendations
- Social Engineering
- Tips For Everyone
- Web Apps
- What People Are Saying
- Wireless
