As cybercrime continues to increase at an alarming rate, here are some free tools to check and monitor if your passwords are on the dark web.
Most people or organizations do not know that their data has been stolen. If you want to keep pace with cybercriminals hackers on the dark web, here are a few free online tools and notifications that can help with the fight.
The news is full of large breaches resulting in incredible amounts of data being exposed. Here is a list of a few of the largest data breaches on the internet:
- io – February 2019 – It has been confirmed that 763,117,241 unique email addresses were part of the data breach including Dates of birth, Email addresses, Employers, Genders, Geographic locations, IP addresses, Job titles, Names, Phone numbers, and Physical addresses.
- Adobe – October 2013 – It has been confirmed that 152,445,165 Adobe accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text.
- Onliner Spambot – August 2017 – The malicious software contained a server-based component located on an IP address which exposed many files containing personal information totaling 711,477,622 unique email addresses with many having passwords.
- LinkedIn – May 2016 – LinkedIn had 164,611,595 million email addresses and passwords exposed.
- Collection #1 – January 2019 – It has been confirmed that a large collection of credential stuffing lists with a data list containing 2.7 billion records including 772,904,991 million unique email addresses and passwords.
Here are some considerations to think about as you review the information in this article:
- You cannot stop websites from getting hacked as this is out of your control.
- It is crucial you take proactive security measures to protect your usernames, passwords, and identity.
- The longer you have been at an organization or used the same email address, the more likely it will eventually be on a spam list on the dark web.
Why is it important to check and monitor if your passwords are on the dark web?
Google conducted a recent survey with the The Harris Poll and the results were alarming:
- Nearly 25 percent of participants have used the following common passwords, or some variation: “abc123,” “Password,” “123456,” “Iloveyou,” “111111,” “Qwerty,” “Admin” or “Welcome.”
- 59 percent have incorporated a name of their family member, partner, pet, or child for their online account
- 27 percent have confessed to attempting to guess someone else’s password online.
- 17 percent of the group above managed to guessed correctly.
- 43 percent have access to someone else’s active password online.
- 43 percent admitted to sharing their password for streaming service such as Netflix, their email account, social media such as Facebook, and their online shopping accounts such as Amazon.
- 57 percent have shared their password with their significant others
- 11 percent have reported changing their password after a breakup.
- Only 37 percent use two-factor authentication.
- 34 percent have admitted to changing their passwords regularly.
- 15 percent report using a password manager such as LastPass
- 36 percent admit to tracking passwords on a piece of paper.
- 38 percent report losing time because of a data breach.
- Only 45 percent have admitted they would change their password if breached.
Free Tools to Check and Monitor if Your Passwords Are on the Dark Web
Here are some free tools to check and monitor if your passwords are on the dark web. Most of these are reactive and will only alert you after the hack of your stolen credentials on the dark web.
Here’s how to use three free tools to check and monitor if your passwords are on the dark web.
Option 1 – Mozilla’s Firefox Monitor
Mozilla’s free Firefox Monitor allows you to find out if you have been part of a data breach. It gives users the ability to sign up for free alerts about future breaches. They also offer free security tips to keep your accounts safe online safe.
Feel free to add all your accounts including work and personal.
- Click on Mozilla’s free Firefox Monitor page.
- Enter your email work or personal email address and tap Check for Breaches.
- Click on More about this breachto see what steps Mozilla recommends protecting yourself such as updating your password.
In addition, Mozilla’s free Firefox Monitor allows you to sign up to monitor and notify you if your email is involved in a future cyber security data breach. It will actively monitor your entered email addresses against known data breaches. If compromised, it will alert you if your email was involved.
To sign up for alerts about new cyber security breaches, please follow the following steps:
- On the Firefox Monitor page, click on the Sign up for Alerts button
- You will need to create a free Firefox account.
- Click Sign into see a breach summary for your email.
- Once complete, scroll to the bottom of the webpage, you can add additional email addresses to monitor.
Option 2 – Google Password Checkup
Google recently launched a new service called Google Password Checkup. The great free service will check your saved passwords to see if they have been leaked or compromised in any recent cyber security breaches.
- You need to use Google password service to keep track of your login credentials
- Log into Google Password Checkup
- Click on Check Passwords.
- It will ask you to enter your Google account.
- Once complete, Google Password Checkup will display any issues including compromised, reused and weak passwords.
- The good part is that next to each reused or weak password, you can click on the Change password
Option 3 – Have I Been Pwned?
Have I Been Pwned is not a new security tool but still great. The developer created the website after the large Adobe breach. He constantly did a post-breach analysis of user credentials. He discovered that the same accounts kept exposing their security with the same password.
- Go to Have I Been Pwned in a browser.
- Enter your email address
- Click on the Pwned? Button
- It will then display if that email account was part of any cyber security breach
What are some security tips to protect yourself from hackers?
Data breaches are becoming more common therefore you should have a laundry list on what needs to be handled.
It is easy if you use a password manager or a Google account to maintain all your usernames and passwords.
One option to prevent this is to use two-step verification (2SV) or two-factor authentication (2FA) solution. It is a security process that provides users two different authentication factors to verify themselves in order to better protection. There are many options including text messages, Microsoft Authenticator, Duo Two Factor Authenticator, and many more.
Stop password reusing even thou it is common. This is extremely risky as it increases your chances of being hacked. Cyberattacks such as credential stuffing take advantage of reused credentials by automating login attempts against systems using known emails and password pairs. They can also use brute force attacks.
Phishing or whale phishing are increasingly common. Cyber criminals impersonate a service or company you trust so they can take advantage of the human factor. It’s not only your organization that can be compromised, these emails can even come from one of your contacts, partner companies, vendors, or suppliers. They look like the real thing because they mimic the design of authentic emails. The trick here is to have you enter your email password.
Very Important. Most online services will not ask you to enter your login info directly from an email. If they do, to be safe, go directly to their website to log in and reset your password.
Our complimentary network and security assessment can put your IT infrastructure and business to the test.
Going to the cloud or worried about security? We are your leading Cloud Services Providers Toronto and Managed Security Services Toronto.
365 iT SOLUTIONS is Toronto’s leading IT consulting boutique firm offering industry leading IT solutions including Managed IT Services, IT Support Services, IT Outsourcing Services, Tech Support Services and Cloud Services.