Recently Britain’s National Crime Agency (NCA) and its National Cyber Crime Unit (NCCU) announced that they had discovered 225 million stolen emails and passwords that were compromised in multiple data breaches and were being made available to cybercriminals on the Dark Web, that part of the Internet where criminals buy and sell goods and services.  We all have many devices and online accounts that require a password. While it is always a good idea to use dual factor authentication and other security enhancements when available, a good, strong password is still at the core of protecting yourself in the digital world. Unfortunately, too many people use common passwords that are too easy for an identity thief to guess and this can lead to identity theft. In addition, many people use the same password for each of their online accounts which puts them in jeopardy when a data breach at just one place provides the password to all of his or her accounts to a cybercriminal.

The NCA and NCCU turned over the list of the 225 million stolen passwords to the website HaveIBeenPawned which provides a free service where you can find out if your passwords have been compromised in a data breach.  https://haveibeenpwned.com/Passwords

TIPS

It is very important to have a unique and distinct password for each of your online accounts.  This is not as difficult as it may appear.  You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords. Add a few symbols like !!! and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts.   Thus, your Amazon password could be IDon’tLikePasswords!!!AMA.

Password managers which will create and store unique passwords for each of your accounts are also a good option.

Whenever possible use dual factor authentication for your accounts so that when you attempt to log in, a one-time code will be sent to your cell phone to insert in order to get access to your account.  For convenience sake you can set up dual factor authentication so that it is only required if you are logging in from a different computer or device than you normally use.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”