Have you been pwned? And what you can do about it.

Today we are so trusting when it comes to giving out our personal details to companies such as LinkedIn and FaceBook that we will happily hand over our personal information. Although we generally get cautioned with giving third parties access to our information through FaceBook but from a security standpoint, this is not good enough. In this article we are going to talk about the site https://haveibeenpwned.com/ and cover what the website is and what you can do if your accounts on the internet have become compromised.

What is Have I been Pwned?

The website https://haveibeenpwned.com is a reporting 3rd party that gathers data leaked on the internet of sensitive data that has been leaked by a security breach. Hackers usually share e-mails and passwords as an act of showing off their skills in pastebin websites where any other person can visibllly obtain a copy of the archive containing this informatiom.

Generally speaking information that might be made public after a breach are e-mails may include:

  • First and lastname
  • Email
  • Password or the encryped password hash from the database
  • Phone number
  • Address
  • Credit card details (last 4 digits or full card details depending on security policy)

What can you do if you have been pwned?

You shoudl go around to all your websites that you use with that e-mail and password and immediately change the password to a new password tht you haven’t ever used before. Next you should go to the websites that have different passwords to the one you used on the compromised website and change them as well.

You should also for safe measure contact the companies regarding your account being compromised and get the specific details about the breach from them and what specific action they recommend.

How can I avoid being pwned?

Here are some quick tips that can reduce your risk of having multiple accounts compromised when one website is breached. Unfortunately as a website user you dont have much say over which websites get hacked and which don’t so it’s best practice to treat all websites with the same level of vulnerability of being compromised.

  • Utilise multiple email addresses for websites that you use. For example use a heavy personal e-mail for your banking websites, MyGov and other secure websites and use a different password for each site as well as the following:
  • Have spare e-mail addresses or forwarders that mask your identity on social media sites, blogs and gaming networks like Steam and Xbox.

But we have saved our best tip for last

E-mail providers usually offer a generous amount of e-mail forwarders so you can create your e-mail address but create forwarding address like contact@yoursite.com and support@yoursite.com and have those addresses forward to the main email address. This is a feature most e-mail hosting providers will offer BUT! some providers like Gmail allow you to add a + postfix to your e-mail address.

For example:

Your Gmail address is username@gmail.com but you can use + to create forwarding addresses such as:

username+banking@gmail.com, username+facebook@gmail.com or even something secret such as username+secretemailaddress01@gmail.com the possibilities are endless and you could create an e-mail for each site you use.

So in the event, one of your logins is compromised it would be a lot harder for your other identities to be compromised.

WebJex Blog

How to create a colour scheme for your website or brand

How to create a colour scheme for your website or brand

If you are a new business coming up with an idea for your next web design layout for your website or coming up with a new logo and don't know where to begin this article will give you some guidance in coming up with a suitable colour scheme for your website or brand....

read more
Making a website on a budget

Making a website on a budget

Creating a website that looks and feels like your own brand on a budget can be tricky to pull off. Fortunately, as web technology has improved since front-end-builders came to be in the early 2000s the flexibility and variety of web builders have grown and have become...

read more
%d bloggers like this: