What should I do when my email/passwords are breached and xposed ?
- Change your passwords immediately to a unique one
- Also change passwords in places where you have used this password ( the xposed one )
- Enable and use 2FA (Two Factor Authentication) or MFA (Multi Factor Authentication). In simple terms, it is the use of enforcing an additional layer like an SMS or application based OTP (One Time Password) to be generated uniquely for that login. Most of the commercial websites have enforced 2FA/MFA for their customer logins.
- Check with your immediate circle of friends & family and help them change the credentials. Every act of caring and supporting each other is always good for relationships and business.
- Please make use of a password manager and enforce strong password for managing the same .
How to choose good passwords
Try these for your passwords :
- It is recommended to have any password nothing less than 12 characters in length ( alphabets, numbers & special characters )
- In one of the password related blogs I came across recently, it was even recommended to keep it much longer than 12.
- Most of the current password rules currently do not have any major restrictions on numbers. Hence make good use of that opportunity and fully utilize for safeguarding yourself.
- Password managers can also be a helpful tool in saving all the passwords in a controlled fashion.
Avoid using the below while creating passwords :
- Strongly avoid using the same password in any of the websites or services you use. This helps minimize the impact, even if one website is breached or impacted.
- Avoid using words commonly found in any dictionary.
- Avoid using personal information like kids name, date of birth, city of living as your password
- Avoid easily guessable words and sequences. For example 123456, love,abcde & password are already in the top 10 most frequently used and abused passwords. Hence it is prudent to avoid them at all costs.
- Avoid using your login or user name in other forms like user name,capitalised, reversed etc as your password. These are generally the first steps tried by attackers targeting specific users.
Suggestions to be used while selecting your passwords :
Use Common Phrases
-- "Never ever use a single password in multiple sites !"
-- "I love my puppy Milky for he is my life :D"
-- "Do you think you can read my password so easily ???"
Feel free to make your own statements and use them as your passwords. This is much safe and easy to remember as they will be unique to you.
Well, why not add some numbers and make it even more difficult .
-- "Never ever use a 1 p4ssword in multiple sit3s !"
-- "I l0ve my puppy Milky for he is my lif3 :D"
-- "Do you think you can read my p4ssword so 3asily ???"
Oh well , alphabets and numbers are used , what about the special characters .....
-- "Never ever use a ! pa$$word in multiple s!tes !"
-- "I love my puppy M!lky for he !s my life :D"
-- "Do you think you [email protected] read my [email protected]$$word so [email protected] ^-^"
This looks so simple and easy, lets further spice it up
-- "Nevah evah use a 1 p4ssword in mltple sit3s !"
-- "I luv mie ppy Milky for hes mieeeh life :D"
-- "Do u thnk u cn rd mi paswd so 3sly ???"
Why not mix them all and see what happens ?
-- "[email protected] [email protected] use @ ! [email protected]$$word !n mltple s!te$ !"
-- "I luv m!e ppy Milky f0r h3s m!eeeh l#f3 :D"
-- "D0 u thnk u cn rd m! [email protected]$wd s0 esly ^-^"
Let us also learn from the wisdom of all compiled here. Here are the most used passwords and better to avoid these for any of your accounts/transactions.