What if I told you that somewhere on the deep, dark web lies a downloadable file containing 1.4 billion email addresses and passwords? What if I told you that massive data dump is for sale? Just to be safe, it might be time to change your passwords.

This dump includes email addresses and passwords from MySpace, PayPal, and LinkedIn among others. Hackers routinely publish or sell credentials on the dark web and according to specialists, this dump has been updated as recently as November 29th.

Now seems like a good time to mention why we push for good account security here at UDel. This password dump aggregates different passwords associated with a single email address, meaning they can see the slight changes a user makes to their password to “update” it. News flash, going from password1 to password2 isn’t going to keep your account very secure.

Two factor authentication was created due to situations like this. If a hacker were to get hold of your UDel password, they wouldn’t be able to get past the 2FA screening to steal your information. Unfortunately, this leaves alumni, retirees, and anyone who doesn’t have 2FA enabled at risk. For added protection, we encourage using a completely different password for your UDel account and changing that password every 15 to 24 months.

Trust us – we don’t want you to get hacked. Follow these simple steps to keep your accounts locked up tight:

  • Never reuse old passwords.
  • Use different passwords for every account you have.
  • Change your passwords every once in a while–every 12 to 24 months.
  • Choose strong but memorable passphrases rather than random passwords.
  • Always be mindful of password and account security.
  • Check https://haveibeenpwned.com/ if you think your account could be exposed.