Melbourne, 22 May 2012.‘Should I Change My Password’ (shouldIchangemypassword.com), a free Australian-developed website that allows the public to anonymously check if their email may have been hacked or in some way compromised, has unearthed its 10 millionth publicised email address and password.
Shayne Tilley, Commercial Manager at Avalanche Technology Group, said: “It’s scary to think that in less than two years, hackers have made more email addresses and passwords public on the internet than the entire population of NSW.
“With thousands of new compromised emails and passwords being discovered every day, it’s increasingly evident that the threat from hackers is more dangerous than ever. Unfortunately in many cases the compromise is only discovered after it’s too late.”
Kevin Yank, Chief Technology Officer at Avalanche, said: “When your email is compromised a big part of your life can be exposed. A hacker can access your Facebook or Twitter account, invade your personal emails and in some cases even reset your bank password – all within minutes.”
Should I Change My Password aggregates compromised databases in a safe and reliable manner. Users can check their email address in one central spot rather than track down hacked databases often hosted in some unsavoury areas of the Internet.
Should someone discover their password has been compromised, Kevin Yank recommends.
“As soon as the compromise is identified you should change your password right away on every site where you use it. Check for signs of someone else using any of the accounts you have registered with that email address. Report anything suspicious to the authorities. And finally, get serious about using a different strong password for every site and service you use. Cyber criminals have sophisticated hacking technology so it is vital to set long passwords with illogical combinations of letters, numbers and symbols – for example: $hould1changemYpa$$word. And change them regularly.”
Every compromised email address recorded by Should I Change My Password is encrypted before it is stored to a unique ID. This means that not even Avalanche’s internal team can access the list of email addresses, let alone a third party. People can check their email address anonymously and be confident their details cannot be misused.