Digital Smarts - 10 Million Passwords Released Online in the Name of Security

You are here

Error message

  • Deprecated function: Creation of dynamic property MemCacheDrupal::$bin is deprecated in MemCacheDrupal->__construct() (line 30 of /var/www/html/docroot/sites/all/modules/contrib/memcache/memcache.inc).
  • Deprecated function: Creation of dynamic property MemCacheDrupal::$wildcard_flushes is deprecated in MemCacheDrupal->reloadVariables() (line 637 of /var/www/html/docroot/sites/all/modules/contrib/memcache/memcache.inc).
  • Deprecated function: Creation of dynamic property MemCacheDrupal::$invalidate is deprecated in MemCacheDrupal->reloadVariables() (line 638 of /var/www/html/docroot/sites/all/modules/contrib/memcache/memcache.inc).
  • Deprecated function: Creation of dynamic property MemCacheDrupal::$cache_lifetime is deprecated in MemCacheDrupal->reloadVariables() (line 639 of /var/www/html/docroot/sites/all/modules/contrib/memcache/memcache.inc).
  • Deprecated function: Creation of dynamic property MemCacheDrupal::$cache_flush is deprecated in MemCacheDrupal->reloadVariables() (line 640 of /var/www/html/docroot/sites/all/modules/contrib/memcache/memcache.inc).
  • Deprecated function: Creation of dynamic property MemCacheDrupal::$cache_content_flush is deprecated in MemCacheDrupal->reloadVariables() (line 641 of /var/www/html/docroot/sites/all/modules/contrib/memcache/memcache.inc).
  • Deprecated function: Creation of dynamic property MemCacheDrupal::$cache_temporary_flush is deprecated in MemCacheDrupal->reloadVariables() (line 642 of /var/www/html/docroot/sites/all/modules/contrib/memcache/memcache.inc).
  • Deprecated function: Creation of dynamic property MemCacheDrupal::$flushed is deprecated in MemCacheDrupal->reloadVariables() (line 643 of /var/www/html/docroot/sites/all/modules/contrib/memcache/memcache.inc).

Security researcher Mark Burnett posted a database of 10 million usernames and passwords in early February 2015 that were gathered over the past 5 years. His aim was to aid those working on strengthening computer security by giving them a robust but safe set of data to experiment on. Privacy advocates note that his actions are perfectly legal today, but there are proposed changes to the Computer Fraud and Abuse Act being pushed by the Obama administration that would hold him liable for up to 10 years in prison. Burnett's posting, and the response to it, are an indication of the tensions swirling around online security.

 

Should you be worried? The ID/password combos he released were old, weak and already available on multiple forums. He also removed the domain part of e-mail addresses. If you are still using one password for all sites, or weak passwords like “123456”, releases like this are a healthy reminder that you need to do a better job protecting your privacy online.