Fairly recently, news circulated that a data breach had exposed 16 billion—yes, with a “b”—passwords for various logins, including social media accounts, virtual private networks, corporate tools, and more. Effectively, every online service imaginable was represented in this breach. This is very bad… arguably unprecedented. However, this impression is at best misleading. Let’s dig into the truth of the matter, while still acknowledging that there are some lessons to be learned.
Passwords have long been one of the central pillars of account security on the Internet. Combined with a username, they make up the foundation of most login systems. Because of this, they are a hot commodity for hackers who want to steal credentials and infiltrate accounts or networks. In recent years, however, other security measures have exposed the weakness of poor passwords for security, leading to the adoption of other measures.
