I had to help a client this week that had been hacked. Their email password had been compromised.
I then found that:
🔵 Their email password was reused on lots of other online accounts
🔵 The hacker was redirecting all incoming email to them (a common trick to then compromise further accounts)
🔵 The client was using short simple passwords that were easy to hack in a brute force attack
🔵 Most of the clients existing passwords were ones that had been already breached hundreds or thousands of times
🔵 They were letting their browser store passwords for them (browser stored passwords are dead easy to steal)
What can you do to fix all this?
Get yourself a password manager and use it.
I recommend Bitwarden Premium at $10 per year. I have no connection with Bitwarden at all, and don’t earn any money from them, it’s just a brilliant product.