password security

Maybe you’ve used the same password for a dozen years: your dog’s name, or a bunch of letters you put together at some point and just remember now. Hopefully your password of choice is not “password” or “123456”, two of the still-most-popular passwords in the USA.

But even with an unusual password, if it’s A) old and/or B) used for lots of different sites, it’s probably time for a change.

A lot of password-holding services—like Yahoo, or Target, or many more—have been hacked, and criminals know they can often succeed by trying the same login and password combinations on other sites: for example, they’ll try using your Yahoo login at every banking site, hoping to find your account.

Wondering if your information has been compromised? Haveibeenpwned.com looks to see if your password or other personally identifying information has been gathered in one of the many hacking incidents over the years. “Pwned,” by the way, is short for being “perfectly owned” —gamer lingo for someone completely getting the better of you.

When info is stolen, it goes out onto the so-called Dark Web for sale. Someone might want to buy your name, address and birthdate—and passwords, social security numbers and answers to security questions (like “what was your first car?”) are worth even more. Haveibeenpwned.com works by checking for your name or login on the Dark Web and telling you whether your information has been released.

If you see you’ve been compromised, think of the other places you may have used that same login and password, and change your passwords!

Or, just change your passwords anyway. It’s time, right?

More on how to choose a password (this is a fun idea) and how to remember passwords here.