Confirmed: Google’s password leak

Google’s BlackList Exposed Confidential User Information

Finjan Inc., web security expert, reconfirms recent reports that:

[…] Google have unwittingly exposed private user names and passwords on the Google anti-phishing blacklist, which did not use any access protection. Such sensitive information could potentially have been used to compromise user privacy, and could even have been used for identity theft or financial profit (as users generally have a single “web” password for most of their online accounts).

Google Password Leak

Can we repeat it enough? Do not reuse your passwords.

Suppose it was one of your “standard” passwords exposed in that list – how many other accounts could that same password have been used to gain access to?

Read this post about the consequences of password re-use.

How to avoid Identity Theft

  1. make strong passwords – (here’s how)
  2. don’t reuse them – (even the UN says it’s a bad idea)
  3. If lots of strong passwords are hard to remember get a password manager

(Ok, I admit, PassPack is my favorite Password Manager, but there are plenty of others out there, and you should always shop around. And only choose someone who inspires your trust.)


Technorati Tags: , , , , ,


One response to “Confirmed: Google’s password leak

  1. Pingback: Another reason to reconsider your password approach at FactoryCity

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s