Over the years, I’ve created passwords for hundreds of different accounts. While I consider my digital hygiene pretty good, I’ve created some weak passwords in the past. To keep my accounts secure, I decided to run a password audit.
Checking Password Security
To check how secure my passwords are, I could go through every single password I saved and assess its security myself. Or I could just allow Google to do it for me. To do so, I opened Google Chrome, found the three-dot icon in the upper right-hand corner, and scrolled down until I found Passwords and Autofill.
Once here, you’ll see the Checkup option. Click it and let Google run a quick password audit.
As you can see, Google notified me of which passwords were compromised, reused, or weak. If your passwords are stored in a password manager like mine, your digital vault should offer a quick and easy way to assess their security.
Change Weak or Reused Passwords With Password Manager
You could change your passwords in Google Chrome or whatever browser password manager you use. But you have to do that manually, and it’s time-consuming. Nothing beats a standalone password manager, with options like ProtonPass or Bitwarden offering more security than Chrome’s password manager.
Switching over to a password manager like Bitwarden is easy. All you have to do is import your passwords from your browser’s password manager.
Now that your passwords have been uploaded to your new password manager, it’s time to change the passwords for accounts with weak or reused passwords. This may take a while, so prioritize accounts that are deemed critical, such as financial and social media accounts.
When creating a new password, let your password manager auto-generate a secure password. When creating this password, you can decide how many characters you want to use, if you prefer a passphrase, if you want to use special characters, and more. Make sure to create strong passwords using at least 16 characters.
After updating your new password manager, you’ll want to delete all the passwords from Chrome. Do this by heading to Google Password Manager > Settings > Delete All Password Manager Data.
Delete Accounts I No Longer Use
You don’t have to change all of your passwords. In fact, for safety purposes, it’s best to delete accounts altogether if you’re not using them. Doing so decreases the odds that your information will be leaked in the case of a data breach. Go through your list of accounts and determine which accounts you no longer use and want to delete.
Check if Information Is on the Dark Web
There are a couple of ways you can check to see if your information is on the dark web. The easiest is to input your email address on haveibeenpwned.
After doing so, I saw that my data was involved in two different leaks, one with ParkMobile and the other with Internet Archive. After seeing this I decided to delete my account with Internet Archive and change my password and email associated with ParkMobile as I still use that account.
Data breaches happen all the time nowadays. Usually, hacked data finds itself on the dark web, where it can then be purchased and used to hack into personal accounts. Check sites such as haveibeenpwned every month or so to see if your data may have been leaked. Your password manager may also be able to run a scan of the dark web to locate your personal information; however, this is usually a paid service.
No one’s digital hygiene is perfect. You’ve created so many accounts that you’re bound to have reused a password or created a password that can easily be cracked. Protect yourself by using a secure password manager, creating long passwords, and run a password audit every few months.
