If you want to find out if your passwords were released, visit his site called https://haveibeenpwned.com. If you elect to enter your email address, he will tell you if it is in the collection and give you more details.

What do you do if you are on the list? Reset your passwords. Use a password manager that will remember your passwords for you to make your life easier when you use a different password at each website from now on.

Now is a great time to enable two-step verification. A basic form of two-step verification is when you enter a username and password, and you receive a text message code to type in. Enable two-step verification on PayPal, LinkedIn, Dropbox, Facebook and every other web service you use. On each website, look for Settings > Security. You may need to dig down, but more reputable sites now support two-step verification, but you must enable the feature.

Some bad news is that, about a week ago, a tool called Modlishka shows how to break two-step verification so it isn’t that secure, but two-step verification is still more secure than a simple username password combination. If it allows, have a website use some other method than texting you a password. Using an app on your phone or calling you via a voice call are options that are often more secure than the text message. Microsoft, Google, and a service called Duo offer these options and more. Having a hardware key is even better unless your laptop users leave the key stored in the laptop case, and their password written on the bottom of the laptop.

The post 773 Million Passwords Exposed – Were You Exposed? appeared first on Foster Institute.