September 2014: Leaked Passwords

About 5 million Gmail passwords were recently leaked onto the Internet by Russian hackers. Google, who runs Gmail, has stated that this latest incident was not a result of any breach of Gmail's security, but that passwords were obtained by other means such as phishing attempts and malware installed on user's machines. This is mainly concerning for users that use the same weak password across multiple sites. While only a small portion of these hacked email accounts were currently active and vulnerable, this event highlights the poor standards that the general public uses in regards to password security.

Google recommends that users update their passwords to something strong, unique, and not in use for any other site. Another important recommendation is to enable 2-Step Verification. This will cause the system to send a text message to your phone with a code to verify your identity if you try to log in from an unknown device or location.

<-Read more back-issues of the Security Awareness eNewsletter