Having a password stolen is often a nightmare. Most don’t realize what’s happened until it’s too late. Hackers don’t want people to know that they’ve gotten hold of their credentials. So they usually stay as quiet and discreet as possible. Otherwise, their antics may get cut short before they could wreak some real damage or really profit off their malicious endeavors.
But there are ways to see whether some stranger has stolen your password and is now using the associated account or device.
6 Signs Your Password Could Have Been Stolen
Here are six signs that something’s not quite right, and that it might be time to change that password.
1. A Data Breach Has Happened
If there’s been a data breach at a company you use, then likely someone compromised their data. Even if it didn’t happen, it’s still better to assume the worst and take action accordingly.
2. Breached Accounts Show Up on HaveIBeenPwned
Checking HaveIBeenPwned is a reliable method of seeing whether someone could have stolen passwords of your accounts. Of course, it will only show the accounts (and thus passwords) associated with the email address that you type in. So make sure to test all your email addresses.
3. Unusual Credit Card Activity
If someone steals the passwords of accounts that store credit card information, then it’s likely they will use your credit card sooner or later. Regularly go through credit card statements and be on the lookout for unexpected charges — especially small ones.
4. Verification Emails
A lot of services send emails to make sure that someone meant to make changes to their accounts. Any unsolicited emails that want to verify a new password or account changes are a definite sign of a stolen password.
5. The Password Doesn’t Work Anymore
It is a pretty solid sign that someone’s stolen your password and has since changed it to a new one.
6. Strange Account Login History
Some online accounts, such as Facebook, have a login history. It shows which devices have logged in recently, when, and where. Any unfamiliar times, locations, or devices mean someone else has the password of your account.
Someone Knows Your Password? Here’s What To Do
Here’s a list of step by step instructions on what to do if someone gets your password. Some of these suggestions also work well as preventative measures. They make sure no damage happens in the first place.
1. Instantly Change the Password
It might seem obvious but still needs to be said. Change the password, even if the threat is still only speculation. If you wait to make sure and do nothing, you can get locked out of your account. So changing the password before hackers can do the same is one way to avoid loss of data or the account altogether.
2. Contact the Service Provider
If the hacker has already changed the password, then you need to notify the relevant company. Either send them an email explaining the situation or call them, if possible.
Of course, if it’s an email account that’s been breached, then that makes things a little harder. It might take some time to get through this process. But it is a crucial step in gaining back control of the account.
3. Set up Two-Factor Authentication
Next, set up two-factor authentication so that cybercriminals can’t take over your account again. This way, even if the hacker somehow gets access to the new password, they still can’t get in.
Two-factor authentication involves setting up a secondary verification method. It is usually either a security question or an auto-generated one time pin (OTP) upon login request. If the attacker doesn’t know the answer or doesn’t have access to the device you get the OTP on, then they can’t get in.
4. Install a Password Manager
Password managers have become a necessity, thanks to the sheer number of accounts people have these days. While most know better, password reuse is still rampant. It often puts many accounts at risk when someone steals a single password.
Password managers are a reliable solution to this problem. The user only needs to remember one master password. Obviously, though, it’s essential to make sure that one password is safe at all times.
People who use Chrome, especially, need a Chrome password manager. Because Chrome’s in-built password saving option isn’t the best way to remember passwords, nor is it the safest way to protect them. Most password managers can do a better job than Chrome. They enable encryption methods to make sure the data you store on a password manager is secure.
The Bottom Line
Take preventive measures to keep your accounts safe. Be on the lookout for possible signs that someone knows your password. Act right away if you find out someone does.
The idea of someone else having access to your accounts can be scary. But so long as you are attentive and act quickly, it shouldn’t be a big problem.