RockYou2021 Breach: How to Keep Your Data Secure Now

At 8.4 billion passwords, RockYou2021 is the largest leak ever reported. The source? A 100GB text file posted anonymously to a hacker forum. With 4.7 billion people online, according to CyberNews, RockYou2021 “potentially includes the passwords of the entire global online population almost two times over.” The RockYou2021 moniker likely originates from the 2009 RockYou hack, which exposed 32 million user accounts. The lesson? We’re living in a world where hacks and breaches are becoming the norm, not the exception. And in the midst of a pandemic, with people spending more and more time online and hacks on the rise, the reality is not if your data is breached but when.  The good news? You can take steps today to ensure that you’re protected the next time a major breach makes headlines. Read on to learn what you can do right now to keep your data secure and up-level your cybersecurity best practices.  Practice good password hygiene  Keeping up with your password hygiene can seem overwhelming, resulting in what has been dubbed “password anxiety.” A password manager provides relief, but good password hygiene is just as critical. So, what can you do to keep yourself in prime password shape?

• Never reuse your passwords: This includes never reusing your LastPass Master Password! Using the same password for multiple accounts means that if a hacker ever got hold of just one password, that one password would open several doors to your personal data. Use a unique password for every online presence you have. 
• Use strong, complex passwords: An easy to remember (weak) password translates into an easy to crack password for hackers online. Always create strong, complex passwords for each of your accounts.
• Update your passwords: Keep hackers out of your personal data by regularly updating your credentials. Hackers may want to continuously access your account after a breach, and resetting your password can shut the door on compromised data in the future. 

Turn on Dark Web Monitoring alerts LastPass Dark Web Monitoring monitors your email addresses continuously within a database of breached credentials and alerts you immediately – via email notification and within the Security Dashboard – if any of your email addresses have been found amongst the breached credentials.  To begin using Dark Web Monitoring, you’ll need to enable monitoring from the Security Dashboard of your LastPass Vault. Turning on this feature will begin checking all the email addresses stored in your Vault against data breaches. You can learn more about turning on your Dark Web Monitoring here.  Enable Multifactor Authentication (MFA) MFA requires additional information beyond a username and password to grant access. A user can more rigorously prove that they are the person they claim to be by supplying two or more “factors” — like a fingerprint and use of a trusted device.  Enabling LastPass MFA helps protect your account from keyloggers and other threats. Even if your master password was compromised, your account cannot be accessed without this second form of authentication. You can learn more about enabling your MFA here.  When trekking through this ever-hazardous cybersecurity landscape, being proactive is key to protecting your most critical information from the expansive (and expanding) reach of hackers. Take steps now to make sure your data is secure, not a statistic.