Six months ago, 1.3 million registered users of Gawker Media had their passwords compromised when the site was hacked by Gnosis. The passwords were encrypted, but 188,279 of them were decoded and made publicly available for all to see. Just three weeks ago, Sony Pictures was hacked by LulzSec, with 1 million passwords taken and 40,000 made publicly available. Comparing the two data sets, Troy Hunt found 88 accounts on both sites that used the same email address, and of those accounts, 67% used the exact same password.
Reusing passwords is a common practice around the web that needs to be stopped. If one of the sites you're registered on gets hacked, your email address and password can be snatched. If you just happened to have been reusing your favorite password, then any other site you've used it on is now compromised. And it's not hard to find those other sites. How many of you have a Facebook account? How many use Gmail? Chase? eBay?
If you can't stop yourself from using the same password over and over again, but think you may have been compromised by a recent hack, you should check out Should I Change My Password? to see if you're safe or not. The website compares your email address to a number of hacked databases that have been released to the public, like Gawker and Sony, as well as MySpace, Fox, PBS, and more. No passwords are stored in the databases of Should I Change My Password?, only email addresses.
If your email address comes back as compromised, then it's time to change your passwords on all of the sites where you use the same email/password combo. If not, you may be safe for now, though you could have been hacked from another site where no records were made public. Either way, you should put an end to reusing passwords. Check out the video below from Mozilla for some help on choosing strong passwords. Also, check out this nifty password tester to see the strength of your password, and this tool to see how long it would take to crack it.