January’s big security news was the Mother of All Breaches, the release of a massive database containing 26 billion records built from previous breaches across numerous websites. Such websites include including Adobe, Dropbox, LinkedIn, and Twitter. It’s unclear how much of the leaked data is new, but it’s a good reminder to update your passwords for accounts on compromised sites. Also if those passwords are reused, think about changing passwords for sites that you have reused that password for. Cybernews has a leak checker that reports which breached sites include your data. More generally, password managers often have a feature that checks your passwords against the Have I Been Pwned database of breaches and helps you change compromised passwords—1Password’s is called Watchtower, shown below. You can also search Have I Been Pwned directly. Don’t panic if your email address appears in numerous breaches because some of the theoretically compromised accounts may be defunct sites, trivial sites you used once 10 years ago, or duplicate password manager entries for a site whose password you already updated.
Also on newer versions of iOS and MacOS also check your passwords for risks, and can help you identify and fix those issues. Check Apple’s article on that here. If you would like assistance on changing passwords we here at MacEdge can help. Sign up for a help session.