Google Estimates 1.9 Billion Usernames Are Available On The Black Market

Research carried out by Google in association with the University of California, Berkeley has established that there are 1.9 billion usernames and passwords being traded on the black market. What’s more, as many of 25 percent of these stolen credentials could actually be used to access a legitimate Google account.

The report used Google’s proprietary data to investigate whether or not the pilfered passwords would unlock the door to working accounts, according to Business Insider. Unfortunately, it confirmed that this is definitely the case, reaffirming the importance of proper online security.

“Through a combination of password re-use across thousands of online services and targeted collection,” reads the study. “We estimated seven to 25 percent of stolen passwords in our dataset would enable an attacker to log in to a victim’s Google account and thus take over their online identity due to transitive trust.”

This is the danger of using the same password across multiple sites and services — if it’s exposed in one data breach, attackers might be able to combine it with known usernames or email accounts to access various different accounts.

We’ve seen plenty of breaches that left user passwords out in the open in recent years. In 2012, millions of encrypted LinkedIn passwords were leaked to the web, while we’re only just starting to understand the scope of an attack on Yahoo that took place in 2013 — in October, reports circulated that some 3 billion accounts were affected.

The researchers offer up a few different methods that people can use to protect their accounts from unauthorized access. For example, they might use a password manager that creates bespoke entry key for each individual site or service they visit, without them having to remember each one for themselves.

It’s also considered a best practice to employ two-factor authentication, especially for important accounts. This means that anyone gaining access from a new device also needs to provide a code that is typically sent to a smartphone, or an approved email account.

Of course, choosing a secure password is a good start. The top three passwords from plaintext leaks analyzed in this study were ‘123456,’ ‘password,’ and ‘123456789,’ none of which are particularly strong.

Source :https://www.digitaltrends.com/computing/google-berkeley-study-billion-passwords-black-market/

<
Google estimates 1.9 billion usernames are available on the black market
Google: 25 per cent of black market passwords can access accounts
Phishing Biggest Threat to Google Account Security
Google: There are 1.9 billion usernames and passwords on the black market
There are 1.9 billion stolen passwords and usernames available on the black market, and up to 25% of them will still work on a Google account
Phishing kits best way for attackers to get credentials, says study
PODS LLC -- Moody's affirms PODS CFR at B2, assigns B2 ratings to new first lien term loan; outlook stable
Nutanix-Google Deal Has Analysts Wondering If Estimates For 2018 Are Too Conservative
Google study reveals 25% of black market passwords can access accounts
25 Percent of Black Market Passwords Can Access Google Accounts