July 5, 2020

I've been pwned, and my password used to be becool88

This screenshot contains two passwords I used to use, maybe 10 years ago. The username and passwords were released in a data dump, and because I am registered with they let me know today.

I haven’t used those passwords for ages, because I now use a password manager - 1Password - which generates unique passwords for each website I use.

I’m a smart guy, and I know if I’m being scammed or phished, but sometime in the past decade or so I was had - and that that username and password is now available to the general public.

Two things I’d love for you to take away from this:

  1. This is why it’s important to have unique passwords for every service, because if one service is breached, then the potential fallout for you personally is limited to that one company. If you use the same username and password for everything, then if one company is breached, hackers now have access to all of your websites and logons.
  2. Have a look through the publicly available list of usernames and passwords just to get a feel of how unique your password for all of your life is.