It seems like every time you create a new account with a new website, the password requirements become more and more extensive (and ridiculous). You need an uppercase letter, a lowercase letter, a number, an ancient Egyptian hieroglyphic, four notes from one of Mozart’s early sonatas, and a special character just to access your Spotify account.
The password hoops we’re made to jump through are of course for our own safety (check out these signs your password security is really weak), but at times it’s easy to fall into familiar habits and just default to the same amalgamation of words that have some weird personal significance. However, using the same password over and over again can put you at risk; if a hacker figures out one account, suddenly 10 others are also breached. And guess what? Even your password security questions aren’t safe from being hacked.
This is where the website Have I Been Pwned comes in. The site, designed by cybersecurity advocate Troy Hunt, has a running archive of over 306 million compromised passcodes and allows you to search to find a password that is airtight—and definitely not one of these extremely common passwords.
Hunt does advise, however, against using the site to test a password that you are actively using. This reduces the risk of a third party accessing the site and connecting a tested password to you specifically.
The database is also available for download, so developers can incorporate the stacks and stacks of leaked passwords into their own sites.
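For developers, a local lookup against the downloaded list keeps a candidate password from ever leaving the server. The Python below is an added example, not code from Have I Been Pwned or from this article; it assumes the download is a text file of uppercase SHA-1 hashes in ascending order, one per line, optionally followed by `:count`, and the function names and sample file are hypothetical.

```python
import hashlib
import os
import tempfile

def sha1_upper(password: str) -> bytes:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper().encode("ascii")

def breach_count(path: str, password: str) -> int:
    """Binary-search a hash-sorted file on disk; 0 means the password is not listed."""
    target = sha1_upper(password)
    with open(path, "rb") as f:
        lo, hi = 0, os.path.getsize(path)  # lo is always the start of a line
        while lo < hi:
            mid = (lo + hi) // 2
            if mid:
                f.seek(mid - 1)
                f.readline()  # advance to the first line starting at or after mid
            else:
                f.seek(0)
            pos = f.tell()
            line = f.readline()
            if line and line[:40] < target:
                lo = pos + len(line)  # everything up to this line sorts below target
            else:
                hi = mid              # EOF, or a hash that sorts at or above target
        f.seek(lo)
        fields = f.readline().strip().split(b":")
    if fields[0] != target:
        return 0
    # Lines without a ":count" suffix (assumed older format) count as one sighting
    return int(fields[1]) if len(fields) > 1 else 1

def write_sample_corpus(path: str) -> None:
    # Constructed sample data: four well-known weak passwords with made-up counts
    sample = {"123456": 5, "password": 3, "qwerty": 2, "letmein": None}
    lines = sorted(sha1_upper(p) + (b":%d" % c if c else b"") for p, c in sample.items())
    with open(path, "wb") as f:
        f.write(b"\n".join(lines) + b"\n")

def demo() -> dict:
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "pwned-sha1-sorted.txt")  # hypothetical file name
        write_sample_corpus(path)
        candidates = ("123456", "letmein", "correct horse battery staple")
        return {p: breach_count(path, p) for p in candidates}

if __name__ == "__main__":
    print(demo())
```

A signup or password-change handler would reject any candidate for which `breach_count` returns a non-zero value.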
If you’re not sure where to start, “rd.com/rocks” is an entirely safe and unbreached password.
Source: The Next Web