ARE you worried that your Gmail may have been hacked?
Data breaches are becoming all too common these days, so here’s a handy guide to help you check up on your accounts to make sure you won’t be a victim.
- Follow our Google live blog for the latest news and service updates as things develop…
Don’t worry if your account has been hacked, just take a deep breath and follow this simple guideCredit: Getty – Contributor
But help is at hand.
You can check if you’ve been hacked, often called being “pwned”, and bolster your account security by following these simple steps.
On October 2, 2019, Google launched a Password Checkup add-on for the Google Chrome web browser.
It displays a warning whenever you sign in to a website using “one of over 4billion usernames and passwords” that have been hacked.
Google does this by cross-referencing your log-in details with a huge list of hacked log-ins.
There’s obviously a huge risk for anyone whose username and passwords have been hacked.
It’s important to immediately change your log-in details to stay safe.
But even passwords uploaded online without associated usernames can put you at risk.
If you use a very simple password, it’s likely someone else does too – and they may have been hacked themselves.
Hackers buy huge lists of these compromised passwords because people often re-use them.
So hackers are much more likely to gain access to an account by forcing a long list of “known” hacked passwords than trying random letters or numbers.
Google released this handy “how to” to help you get startedCredit: Google
How to check your Gmail password?
The free Password Checkup software can be loaded onto Google Chrome and lets you know if your account details have been compromised in a cyber attack or data breach.
Once installed, the Chrome extension runs in the background of your browser and checks any login details you used.
If your password or username matches a Google database of more than 4billion compromised credentials, the software will flag them.
An alert that pops up on your screen reads: “Password Checkup detected that your password for [website] is no longer safe due to a data breach. You should change your password now.”
If a new data breach occurs, the tool will let you if any of your passwords were compromised the next time you login to Chrome.
It gives you any exposed accounts in a small list that you can click through to change your passwords.
All information is encrypted, and Google says it has no way of seeing your data.
“We built Password Checkup so that no one, including Google, can learn your account details,” Google said.
“Password Checkup was built with privacy in mind. It never reports any identifying information about your accounts, passwords or device.”
You can download Password Checkup from the Chrome webstore by clicking here.
Alternatively, popular web-tool Have I Been Pwned also lets you check if you’ve ever been hacked.
Password safety – the expert advice
Here’s what Javvad Malik, cyber expert at KnowBe4, told The Sun…
- “Despite all their weaknesses, it looks as if passwords will stay for the foreseeable future.
- “But there are some steps people can take to strengthen their passwords so that it is less likely hackers can break into their accounts.
- “Perhaps the most important step is to not re-use the same password across different websites.
- “It is convenient only having one password, but this means that if someone guesses, or steals one of your passwords, they can then use that to gain access to any of your other accounts.
- “Using a password manager can help create and remember all the different passwords.
- “Failing that, even writing passwords down can be good in some cases (just don’t leave your notebook lying around).
- “The second step is to take advantage of two factor authentication (2FA) wherever it is available.
- “For many sites that offer this service, in addition to entering username and password, it will send a code via text message to your phone which will need to be entered.
- “Third, and finally, people should be wary of the scams which try to steal their passwords.
- “For example, receiving an email with a link from a large provider such as Microsoft, Amazon, or Apple, and asking people to re-enter their username and password or risk having their account frozen.
- “People should never click on such links in emails, and only navigate manually to any sites they wish to visit if they need to log onto their accounts.”
What is ‘Have I Been Pwned?’
The most popular site for checking if your email address, and other accounts tied to it, has been hacked is Have I Been Pwned.
Here you can safely enter your email address and the site will check it against multiple data breach incidents.
If your worried your email account has been hacked, your first port of call should be the Have I Been Pwned websiteCredit: Have I Been Pwned
If your account details were included in one of those breaches, the site will tell you with the message “oh no – pwned” flashing up on screen.
It will also give you information on the breach and the type of data that was compromised, such as email addresses and passwords, and which service it was linked to.
The site only asks for your email address, so you don’t need to worry about handing over passwords and other sensitive info.
Just enter your email into the search bar, and click the “pwned?” button next to it.
The results will then appear on the corresponding page.
Always set a unique password for your email, and make sure you don’t repeat it anywhere elseCredit: Getty – Contributor
What should i do if my account has been pwned?
If you’re met with bad news, your first move should be to change your login password for the affected account.
You should also do the same for the service that was hit by the breach.
Even if your email itself hasn’t been the victim of a breach, there’s security risk if another account that you log into with the same password has been affected.
In an ideal world, we’d use different passwords across all the platforms we’re signed up to.
But with apps and social networks piling up, it’s easy to fall back on the same login info to avoid confusion.
But at the very least, you should have a strong, unique password for logging into your email.
And make sure you don’t duplicate that password by using it elsewhere.
Do you have any tips for keeping your accounts safe? Let us know in the comments.
Why did Gmail go down on December 14, 2020?
Google and many of its most popular services suffered a global outage at 11.30am on December 14, 2020.
Users of YouTube, Gmail, Google Docs and more all reported issues with the services during an hour of chaos.
It meant businesses and individuals around the world were affected by a loss of crucial services.
According to DownDetector’s live outage map, the problems affecting Google impacted people all over the world – with the most problems occurring in Europe.
The tech giant was reportedly aware of the problem but did given a reason for what happened when contacted for comment