Are you affected by the biggest password leak in history? Here's how to check

Bear in mind that it doesn't necessarily take long for hackers to test a list featuring an innumerable number of passwords, in its entirety. — Relaxnews

More than eight billion passwords in a 100 Gigabyte text file that's a leak which, in the wrong hands, could do considerable damage. In fact, using techniques like "brute force" and "dictionary attack," hackers can test a considerable number of passwords in a flash to crack web users' secret passcodes.

It's the biggest password leak in the history of the internet. About 8.4 billion confidential passwords have been made available in a 100 Gigabyte text file named "RockYou2021". All of this data comes from old leaks and new discoveries by hackers. While a claim has been made that a list contains 82 billion passwords, the CyberNews site only counts 8,459,060,239 unique entries in the text file.

The name RockYou may ring a bell. Indeed, in 2009, an application called RockYou was attacked by a group of hackers, allowing them to recover 32 million user passwords. And, at the time, RockYou stored this information in a simple plain text file, allowing anyone to read and understand it instantly.

"Brute force" and "dictionary attack"

To give you some idea of scale, various sources consider that between four and 4.7 billion people are connected to the Internet worldwide. In other words, virtually all passwords of web users around the world could potentially be affected. Therefore, Internet users are advised to check whether their passwords are included in the leak.

If all this seems insignificant, bear in mind that it doesn't necessarily take long for hackers to test a list featuring an innumerable number of passwords, in its entirety.

By using "brute force" techniques combined with a "dictionary attack," it's possible to test them in a few minutes for the shortest ones (about eight characters) or up to several days for the longest ones (16 to 20 characters). According to the author of the message, all the passwords included in the leak are six to 20 characters long.

With this list of unique passwords — which sometimes includes usernames and email addresses — hackers can use the data to attack countless accounts in a matter of moments. Users can check if their password is part of the leak by using the CyberNews checker tool or an alternative version, where the compromised passwords are in the process of being uploaded.

For the moment, only a part of the RockYou2021 list is available for checking, so it's wise to check again in the next few days.

It's important for anyone using the Internet to have a reliable and secure password. Follow tips on choosing a secure password and remember to change it regularly. – Relaxnews

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 46
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In Tech News

How sharing photos of kids unintentionally helps paedophile platforms
‘Oof,’ ‘yeet,’ ‘deplatform,’ among’s newest words
VW to take on Tesla and Google with new software division
Zoom releases ‘apps and events’ features in major update
I see peach, you see... something else: top emojis causing confusion
Judge grants U.S. FTC more time to file amended complaint against Facebook
Former Virgin Galactic CEO to fly to space - CNBC
EV startup Rivian announces $2.5 billion funding round led by Amazon, Ford
Vodafone plans to launch additional share buy-back programmes this month
Electric air taxi startup Joby to add LinkedIn co-founder, Google exec to board

Stories You'll Enjoy