The website haveibeenpwned.com enables you to see if your email or password has been compromised in a data breach. Go to the site, enter your email address(s) and it will tell you the results. (According to Wikipedia, pwned is a slang term derived from the verb own, meaning to appropriate or to conquer to gain ownership.)
If your e-mail shows up as compromised in haveibeenpwnd’s results you should immediately change that password and email/username combination at all the sites you care about. Using a Password system (mind trick), so each site you go to has a slightly different password will protect you from mass password changes in the future.
Password systems
Develop a password system that is both easy to remember and hard to hack. Think of an easy system and use it. Your system might include a few of:
- Using parts of the website name: First 3 letters, last 3 letters, or both.
- Using the number of letters in the website name
- Using part of your user name
- Using the year you created the password, change your passwords every few years
- Adding word(s) or names that starts with the same letter as the website, keep your own set of words for each letter of the alphabet (Don’t use Whiskey, Tango, Foxtrot, etc.)
- Having a personal “password” that you add to the start/end/middle of the other parts
- The domain name suffix (com, net, org, edu), or part of the suffix
For more information, contact F&O IT Security to discuss your exposures and options.