It is possible that your password is publicly available. Collection # 1 is the largest data leak so far

Troy Hunt is the author of courses on Pluralsight, a security consultant and Microsoft's regional director. However, we know him best as the originator and founder of the page Have I Been Pwned , on which we can safely check whether our e-mail address is in any of data leaks and passwords.

It was to Troy last week that users began to report, who noticed that on various internet forums there is a link to a large library of e-mail addresses and passwords. It has been placed on the MEGA website.

What was in the leak?

The collection was over 87 GB and was divided into files whose names suggested from which site the addresses came from. There were 12,000 files, and the websites also included Polish addresses:

The folder after unpacking was called "Collection # 1", hence the name given to this leakage. The files contained pairs of e-mails and (most commonly) passwords obtained through the dehashing process. This means that the applied hashing algorithm was not very good and that there is no 100%. certainty that there was no so-called a hash collision or a hash function could take two different passwords and return the same abbreviation. Hash is the result of the so-called a hash function - (ideally) an asymmetric function that returns a unique value for a given password. Thanks to this, we do not have to store passwords with open text in the user database - all we need to do is compare the hashes.

The files looked prepared for automatic and mass use in scripts trying to log in. Together they contained 2692818238 lines, or about 2.7 billion. Unique combinations of e-mails and passwords were there over 1.1 billion, which makes this leak the largest collected so far in one place. There are more than 22 million unique e-mail addresses!

There were so many data that it forced Troy to change the data type in the database, because he had used a 32-bit integer field so far.

https://twitter.com/troyhunt/status/1084402518388424704

The leak was probably prepared as a compilation from various sources. Probably from service databases with poor security.

How can I check if my address was in the leak?

For this purpose, we can use the base placed on Have I Been Pwned . All we have to do is enter our e-mail address and we will be notified if it was found in any of the spills - also in Collection # 1 .

We can also search this database by entering a password that we suspect of a leak, but it is worth doing so with passwords that we have already changed or intend to change.

What to do if our e-mail address is in a leak?

If we notice our data in the leak, it is a good opportunity to ensure the safety of our websites. Consider the use of a password manager or high-power password generator built into some browsers. If you do not want to use and remember such a difficult password, enable in any site that provides such a possibility, two-step login. In this way, after entering the password, we still have to enter a unique code, which we will receive, for example, on the phone.



It is possible that your password is publicly available. Collection # 1 is the largest data leak so far

Comments

  1. Amazing blog! I really like the way you explained such information about this post with us. And blog is really helpful for us this website
    access-password-get-pro-crack

    ReplyDelete

Post a Comment

Popular posts from this blog

What is VoLTE and how can you activate it on your Xiaomi

So you can check the battery status of your Xiaomi smartphone and how many cycles you have performed

How to exit the FASTBOOT mode of your Xiaomi if you have entered accidentally

Does your Xiaomi charge slowly or intermittently? So you can fix it

Problems with Android Auto and your Xiaomi? So you can fix it

If your Xiaomi disconnects only from the WiFi it may be because of that MIUI setting

How to change the font in MIUI and thus further customize your Xiaomi: so you can change the type, color and size of the letters of MIUI

What is the Safe Mode of your Xiaomi, what is it for and how can you activate it

Improve and amplify the volume of your Xiaomi and / or headphones with these simple adjustments

How to activate the second space if your Xiaomi does not have this option