Researcher Julio Casal recently discovered a massive data base of 1.4 billion unencrypted passwords available to cybercriminals on the Dark Web in a single file. The Dark Web is that part of the Internet where criminals buy and sell all manner of illegal and stolen goods and data. These passwords appear to have been compiled from hundreds of past data breaches in including those of LinkedIn, Netflix and YouPorn. The major risk of this particular file of unencrypted passwords is that even people who change their passwords regularly, often follow a pattern such as just adding predictable numbers to the end of their former passwords. This pattern can be determined by hackers to use the new passwords for purposes of identity theft. Many people also use the same password for all of their accounts making their online banking vulnerable when it uses the same password used at a site that has been the victim of a data breach. This is extremely dangerous. The file of unencrypted passwords indicate that the most popular passwords are the very insecure, 123456, 123456789, qwerty (the first five letters of the top row of the keyboard) and password.
TIPS
This discovery represents another warning that you should have a distinct password for each of your online accounts.  This is not as difficult as it may appear.  You can start with a strong base password, such as IDon’tLikePasswords and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts.   Thus, your Amazon password could be IDon’tLikePasswordsAMA.
Whenever possible use dual factor authentication for you accounts so that when you attempt to log in, a one-time code will be sent to your smartphone to insert in order to get access to your account.  For convenience sake you can set up dual factor authentication so that it is only required if you are logging in from a different computer or device than you normally use.