{"id":60,"date":"2022-11-03T09:46:00","date_gmt":"2022-11-03T09:46:00","guid":{"rendered":"https:\/\/blogs.messiah.edu\/csblog\/?p=60"},"modified":"2022-11-03T14:37:47","modified_gmt":"2022-11-03T14:37:47","slug":"compromised-passwords-and-how-to-turn-off-hackers","status":"publish","type":"post","link":"https:\/\/blogs.messiah.edu\/csblog\/compromised-passwords-and-how-to-turn-off-hackers\/","title":{"rendered":"Compromised Passwords and Turning Off Hackers"},"content":{"rendered":"\n<p>Did you know that cyber criminals, aka the \u201cbad guys\u201d, have more than 15 billion compromised passwords<a href=\"#_ftn1\" id=\"_ftnref1\">[1]<\/a> to choose from when trying to break into your system?&nbsp; And where, you may ask, do these compromised passwords come from?&nbsp;<\/p>\n\n\n\n<p>One infamous password collection\u2014dubbed \u201cRockYou2021\u201d\u2014is thought to be a compendium of passwords cobbled together from data breaches<a id=\"_ftnref2\" href=\"#_ftn2\">[2]<\/a>.\u00a0\u00a0 It is estimated that this list is comprised of over 8 billion legitimate passwords collected from a series of data breaches that included username\/password combinations.\u00a0<\/p>\n\n\n\n<p>Given the size and scope of the leak, anyone who does anything online should check if their passwords were compromised. To check whether your password is safe, there are several free and easy options you can use. They include:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/haveibeenpwned.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">HaveIBeenPwend<\/a><\/li><li><a href=\"https:\/\/www.f-secure.com\/us-en\/home\/free-tools\/identity-theft-checker\" target=\"_blank\" rel=\"noreferrer noopener\">F-Secure\u2019s Identity Theft Checker<\/a><\/li><li>CyberNews\u2019 <a href=\"https:\/\/cybernews.com\/personal-data-leak-check\/\" target=\"_blank\" rel=\"noreferrer noopener\">personal data leak checker<\/a> and <a href=\"https:\/\/cybernews.com\/password-leak-check\/\" target=\"_blank\" rel=\"noreferrer noopener\">leaked password checker<\/a><\/li><li><a href=\"https:\/\/www.avast.com\/hackcheck\" target=\"_blank\" rel=\"noreferrer noopener\">Avast\u2019s Hack Check&nbsp;<\/a><\/li><\/ul>\n\n\n\n<p>Since the databases that each of these resources uses are likely not identical, it would be smart to check as many as possible just to cover all your bases.<\/p>\n\n\n\n<p>So, before you grumble about having to use some form of multi-factor authentication (MFA) you may want to make sure your current password hasn\u2019t been hacked.<\/p>\n\n\n\n<p>And for those of you who don\u2019t know what MFA is, here is a quick overview.\u00a0\u00a0As the name implies, <a href=\"https:\/\/www.okta.com\/products\/adaptive-multi-factor-authentication\/\">MFA<\/a> blends at least two separate factors. One is typically your username and password, which is something you know. The other could be:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Something you have.<\/strong> A cellphone, keycard, or USB could all verify your identity.&nbsp; Often it is an app on your phone that provides a one-time password, otherwise known as an OTP.<\/li><li><strong>Something you are. <\/strong>Fingerprints, iris scans, or some other biometric data prove that you are who you say you are.<\/li><\/ul>\n\n\n\n<p>MFA is a great \u201chacker turnoff\u201d. So, even though it means that it might take a second longer to sign in, remember your hacked password and thank your IT Security director for that added little bit of protection MFA provides.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><a href=\"#_ftnref1\" id=\"_ftn1\">[1]<\/a> https:\/\/www.okta.com\/identity-101\/why-mfa-is-everywhere\/<\/p>\n\n\n\n<p><a id=\"_ftn2\" href=\"#_ftnref2\">[2]<\/a> https:\/\/www.consumeraffairs.com\/news\/new-84-billion-password-hack-breaks-records-060821.html<\/p>\n\n\n\n<p><em>Post written by <a href=\"https:\/\/www.messiah.edu\/a\/academics\/facultydir\/faculty_profile.php?directoryID=9&amp;entryID=2702\">Vinny Sakore<\/a>, Director of <a href=\"https:\/\/www.messiah.edu\/undergraduate\/cybersecurity-major\">Cybersecurity Education<\/a> at <a href=\"https:\/\/www.messiah.edu\/\">Messiah University<\/a>. Vinny spent 20+ years in the information technology and cybersecurity field. His industry experience includes serving as Verizon\u2019s HIPAA Security Officer and stints as Chief Technology Officer for two healthcare technology companies. He continues to remain active in the industry by providing consulting services to a number of organizations including NetDiligence, Inc. (www.netdiligence.com).<\/em><\/p>\n\n\n\n<p>Photo credit: George Prentzas via <a href=\"https:\/\/unsplash.com\/\">unsplash.com<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Did you know that cyber criminals, aka the \u201cbad guys\u201d, have more than 15 billion compromised passwords[1] to choose from when trying to break into your system?&nbsp; And where, you may ask, do these compromised passwords come from?&nbsp; One infamous password collection\u2014dubbed \u201cRockYou2021\u201d\u2014is thought to be a compendium of passwords cobbled together from data breaches[2].\u00a0\u00a0 &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/blogs.messiah.edu\/csblog\/compromised-passwords-and-how-to-turn-off-hackers\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Compromised Passwords and Turning Off Hackers&#8221;<\/span><\/a><\/p>\n","protected":false},"author":103,"featured_media":120,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-60","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.messiah.edu\/csblog\/wp-json\/wp\/v2\/posts\/60","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.messiah.edu\/csblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.messiah.edu\/csblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.messiah.edu\/csblog\/wp-json\/wp\/v2\/users\/103"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.messiah.edu\/csblog\/wp-json\/wp\/v2\/comments?post=60"}],"version-history":[{"count":5,"href":"https:\/\/blogs.messiah.edu\/csblog\/wp-json\/wp\/v2\/posts\/60\/revisions"}],"predecessor-version":[{"id":127,"href":"https:\/\/blogs.messiah.edu\/csblog\/wp-json\/wp\/v2\/posts\/60\/revisions\/127"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.messiah.edu\/csblog\/wp-json\/wp\/v2\/media\/120"}],"wp:attachment":[{"href":"https:\/\/blogs.messiah.edu\/csblog\/wp-json\/wp\/v2\/media?parent=60"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.messiah.edu\/csblog\/wp-json\/wp\/v2\/categories?post=60"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.messiah.edu\/csblog\/wp-json\/wp\/v2\/tags?post=60"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}