A file of 10 billion passwords is circulating on the Internet

A file of 10 billion passwords is circulating on the Internet
A file of 10 billion passwords is circulating on the Internet

Escaping data leaks and hacks is almost mission impossible today. A file containing almost 10 billion passwords has proven it again.

It’s not the biggest leak in history, but it’s close. In an article published on July 4, 2024, the site Cybernews alerts about the existence of a hacked file containing 10 billion passwords. No stratospheric data leaks here, just a studious compilation of passwords leaked over the last 15 years.

Soberly named rockyou2024.txt, this file is the most comprehensive compilation of passwords to date. It partly takes data from “the mother of all leaks» which appeared in early 2024, but focuses only on passwords. As the person behind the publication of this file notes, rockyou 2024 is also «a rockyou 2021 update“, another file full of passwords, which appeared three years ago.

At the time, with 8.4 billion passwords, the leak was considered gigantic. 3 years later, its size has increased by another 15%, reflecting the rise in all kinds of site hacks in recent months. Beyond the obvious danger to personal data that this leak represents, we can still applaud the application of the hackers who, to arrive at this figure of 10 billion passwords, have combed through all data leaks since at least 2009.

How to effectively protect your passwords?

This type of file makes “credential stuffing” attacks very real. Unlike brute force attacks that attempt to guess passwords, this type of trickery involves testing millions of pairs of already known credentials and passwords to find a few that still work.

To protect yourself from possible unpleasant surprises, several measures are good to take. First, as usual, avoid reusing the same password on several sites. Use, where possible, double authentication mechanisms to complicate the life of hackers. If possible, even use a password manager that can allow you to benefit from all these security measures within a single application.

And if you want to see if your passwords are affected, Cybernews has put online a portal allowing you to check the presence of your passwords in the recent data leaks. The site assures “do not keep track of your passwords» which are just used to create a hash which will then be compared to the millions of passwords already entered in the database.


Did you know? Google News lets you choose your media. Don’t miss out on Frandroid and Numerama.

-

-

PREV English Botanist’s Century-Old Seed Collection May Save the World
NEXT iPhone: How to master the secret function of the new flashlight