Ben Canner | Solutionsreview.com
A compilation file of stolen and leaked passwords, dubbed RockYou2021, recently appeared on a hacker forum. CyberNews reports that an anonymous forum poster uploaded a 100GB TXT file containing 8.4 billion entries of passwords.
Although the poster claimed the file contained 82 billion passwords, CyberNews' independent analysis confirmed that the number, while still staggering, is actually ten times smaller. However, it remains the largest password and credentials leak of its kind in history.
Given that only 4.7 billion people are online across the world, the perpetrators may have multiple passwords for millions if not billions of users. The RockYou2021 compilation file may be the stepping stone hackers are looking for to begin mass credential stuffing or more targeted credential attacks. Since so many people were potentially affected, businesses should begin alerting employees to the danger and mandating password changes across all accounts. Additionally, enterprises should begin (if they haven’t already) implementing multifactor authentication (MFA) and other critical identity management protections.
Also, your employees and administrators should take the necessary steps to create the strongest and most secure passwords possible. Although passwords are largely ineffectual as a lone authentication factor, their long familiarity and ubiquity ensure their place in access management for years to come.
Therefore, your enterprise should make users aware of the tools at their disposal. Free websites like haveibeenpwned.com allow users to check their email addresses against thousands of breaches, showing where they may have been compromised and prompting them to set new credentials. Meanwhile, password checkers can help employees determine whether their passwords actually measure up to the realities of password crackers and simple guesswork.
To learn more about what RockYou2021 might mean for cybersecurity and access management, we reached out to the experts. Here’s what they had to say.
RockYou2021: Impact and Advice
External Link: RockYou2021 is Largest Password Leak at 8.4 Billion Entries