On July 4th, 2024 researchers discovered a file with over 9.9 Billion unique plaintext passwords. This file exceeds the previously compiled list “rockyou.txt” and adds an additional 1.5 Billion unique passwords to the list. This list is the largest known password list to date. This means that threat actors are able to download this list and test against your systems. This is the reason security professionals harp on password security. This list opens the door to credential stuffing attacks which are simply attacks where an attacker has a known username and attempts every password in their list. This is automated and can be done very rapidly.
What can you do on a personal level to ensure your passwords are not at risk?
- Use long complex passwords ( recommended 15 char or more)
- If you cant remember these use a password manager
- Use MFA (Multi Factor Authentication)
- DO NOT reuse passwords across sites!
- Password hints should not giveaway the password
- Avoid guessable passwords. Things like your kids name is easy to guess!
- Change your password regularly in case its involved in a breach
These are just a few of the best recommendations to keep your password security safe. For further recommendations and or assistance feel free to contact us here at Spartan Cyber Consulting. We would be happy to sit down and help you further! Thank you and stay safe.
