Online security is again being questioned as an infamous Russian website has compromised the security of Gmail users by leaking 5 million passwords in their forum last Tuesday. It is believed that the said passwords were stolen from different websites that contained passwords that were used and re-used by people in multiple sites.
There are a lot of sites out there that require you to log in with your Gmail account. Speculators believe that the passwords may have been stolen because of this practice. Other possible reasons for the easy hack are weak passwords and phishing scams according to Yahoo.
To appease the nerves of the public, Google has said that only less than 2% of the Gmail passwords were current matched pairs (of account name and password) according to Forbes. Still, that percentage involves about 100,000 unsecured users. However, for those part of the "less than 2%" club, then it can be worrisome.
On the upside, Google is now more vigilant about security issues.They have automated anti-hijacking systems that immediately block unusual log-in attempts. Google has also informed and instructed the affected accounts to reset their passwords. Sign-ins from uncommon locations and unfamiliar devices are also being blocked. Plus, the security team of Gmail provides a confirmation setting for legitimate users to be able to review and confirm their activities.
Online security has always been a risk for users. Evidently, it is highly recommended for users NOT to use and re-use the same passwords for different sites. For users, this is a dilemma. If a user has at least two email addresses, plus accounts with iTunes, Amazon, PayPal, Twitter, Instagram, Facebook, Formspring, GoPro, and many of the various shopping sites out there, then they practically have to memorize at least a dozen passwords and account combinations.
On a last note, there is a link called IsLeaked.com which reportedly provides the service of letting a user check if his or her Gmail was hacked. However, users are advised to take caution as there are no guarantees if the sites offering cross-checking services can be trusted completely. Slash Gear advises people to go through with the two-step authorization. Go to the mail's Settings section, click on Security then choose "Change password."
Join the Conversation