If your passwords aren't properly protected online, there's a good chance they'll be found on the dark web. Google makes it easy to check whether your data has been put there or not. Read here how to do it.
Read more after the announcement.
Private data on the dark web: this is how it works
We all use the Internet. This consists of the many well-controlled web pages that we visit and on which we leave our data confidential. The web page administrator or owner is responsible for protecting your private data.
A website or company can suffer a data breach. Your data will then be made public. This could be due to human error, for example, or the company being the victim of a hack. There is a possibility that this data could then be resold or published on the dark web.
The Dark Web is the innermost layer of the Internet where web pages are not transparent and there is less control over them. This is why many criminal activities occur, such as illegal distribution of other people's private data. Malicious parties can use this information to log into and abuse your online accounts.
Check if your data is on the dark web
Fortunately, it's easy to check if your data is on the dark web. Maybe you are familiar with Have you been Pwned. On this site, you enter your email address or password and can see how many times a data breach has occurred and in which breach.
Through your Google account
Do you use a Google Account and Google Password Manager? Then you can also find out via Google whether your data is on the dark web, right from your smartphone. You can do this as follows:
- Open the Google app on your smartphone and tap your profile picture at the top of the screen;
A pop-up window will now appear.
- Click “Manage your Google Account”;
You will now access your Google account settings.
- Select the “Security” heading at the top of the screen;
Here you will see all the security settings.
- Scroll down until you see “Dark Web Report” and click on it.
Google is now checking whether your data has been found on the dark web.
Do you have a Google One subscription? Google will then also check if your passwords, name and date of birth have been found on the dark web. Google One also provides notifications when your data comes back online. Without a Google account, only your email address will be scanned and you won't receive any notifications, but you can view the results.
Your data has been shared, now what?
Sorry, your data has been leaked somewhere. Don't panic, because you can simply prevent its future misuse. To do this, do the following:
Find out which service or website your data was leaked from and where. Go to this site and change your password. This can often be done via the login screen. Also make sure to change the passwords for accounts that use the same leaked password, even if those accounts themselves were not leaked.
There's often a good chance a password was used for multiple accounts and malicious parties know about it too. So it is important that you do not use the password anywhere anymore.
Set up a password manager
To clearly store all your passwords in one place, you can use a password manager. Think Google password manager, 1Password and Bitwarden. These tools also create more secure passwords, so they're less easy to crack and don't use them more than once.
Set up two-factor authentication
Set up two-factor authentication on your accounts whenever possible. 2FA – in short – ensures that you always have to confirm a login attempt via a second device or using an authentication app. This causes hackers or malicious people to encounter a problem when they try to log in to your account.
It's very important to keep your online accounts secure, but old accounts can leak too. Malicious parties use these passwords and email addresses to abuse you. Now you know if your data has been leaked and what you can do about it. Read more Android security tips below.
More security tips:
“Web maven. Infuriatingly humble beer geek. Bacon fanatic. Typical creator. Music expert.”