Check your Google and Facebook NOW – 24 billion passwords have been leaked online

EXPERTS have found that there are more than 24 billion usernames and passwords exposed on the internet – that’s almost four for every person on earth.

A shocking number of them use extremely easy-to-guess passwords, despite repeated warnings.

2

The Sensitive Details is a collection related to various breaches that have occurred over the years.

Many are circulating on the dark web, where cybercriminals lurk.

The word “password” itself is one of the top 50 passwords used on the Internet, along with the classic “qwerty”.

Almost one in 200 found “123456”.

Security company experts Digital Shadows Suppose 49 of the 50 most common passwords can be “cracked” in less than a second using easy-to-use tools commonly available on criminal forums.

Simply adding a special character like # or * adds about 90 minutes to the time it takes for a crook to crack the password.

The worrying figure of 24 billion is a massive 65 percent increase from 2020.

Once a hacker breaches a password database and steals the data, they can proceed with what’s known as credential stuffing, where they try the same usernames and passwords on many other websites to see if you’re using the same credentials.

“We’re going to move into a ‘passwordless’ future, but right now the problem of hacked credentials is out of control,” said Chris Morgan, senior cyber threat intelligence analyst at Digital Shadows.

“Criminals have an endless list of hacked credentials to try, but compounding the problem are weak passwords, which means many accounts can be guessed in mere seconds with automated tools.

“In the last 18 months alone, we at Digital Shadows have brought 6.7 million leaked credentials to our customers’ attention.

“This includes the username and passwords of their employees, customers, servers and IoT devices.

“Many of these cases could have been mitigated by using stronger passwords and not sharing credentials across different accounts.”

Users are urged to consider using a password manager and multi-factor authentication, where available, that allows people to verify their identity using PINs, facial recognition, or fingerprints instead of a password.

It’s also best to use unique passwords for every website you use, not the same for all.

2

• Read the latest phone and gadget news
• Stay up to date on Apple stories
• Get the latest on Facebook, WhatsApp and Instagram

The best tips and hacks for phones and gadgets

Looking for tips and hacks for your phone? Want to find these secret features in social media apps? We’ve got you covered…

Get the latest news about WhatsApp, Instagram, Facebook and other tech gadgets here.

We pay for your stories! Do you have a story for The Sun Online Tech & Science Team? Email us at tech@the-sun.co.uk