In recent global cybersecurity news, a compilation of nearly 10 billion passwords used by individuals all over the world was leaked on a popular hacking forum. Cybersecurity experts warn that criminals will use many of the leaked passwords for credential stuffing, a type of cyberattack where stolen login credentials are used to gain access to user accounts. These leaked passwords, especially when combined with previous password leaks, could contribute to data breaches, financial fraud, and identity theft across the nation.
To protect your safety on social media and protect your privacy, authors are advised to stay up-to-date on the latest security measures. As a public figure, you need to guard your safety online. Though it may sound scary, don’t fret—in this article, we’ll go over many ways you can keep your passwords and data secure across all your accounts.
Best Practices for Password Protection
This incident serves as a stark reminder of the importance of keeping passwords secure. With this single leak containing more passwords than there are people on Earth, many of us are likely to be affected by some form of identity fraud or know someone who will be. The PRH Information Security Team has compiled a list of essential tips for keeping your credentials safe from such attacks.
1.Password Hygiene: Make it a practice to regularly update and change your passwords. We recommend using complex passwords with a mix of letters, numbers, and special characters; a password length of twelve total characters minimum; and no easily guessable personal information.
Using a different password for each of your important accounts—such as online banking, email, and the PRH author portal—is also advised. It can be risky to reuse passwords, because if one account gets compromised, hackers could access many others.
2.Multi-Factor Authentication (MFA): From banking websites to social media accounts, always activate MFA if given the option. Common methods include a code sent to your phone via SMS, a link or code delivered to your email address, or an MFA app or tool such as Duo or Google Authenticator. Since the PRH Author Portal includes private sales and royalty information, we keep your information as safe as possible by requiring MFA for every user.
This ensures that your credentials are protected by an additional security layer. Remember, never pass security codes to another person and only approve authentication requests on an MFA app if you initiated the login attempt. If you receive an unexpected request or code, report the incident right away—and change your password!
3.Vigilant Reporting: If you suspect any unusual activity, such as a potential compromise of your password, report it. Websites often include reporting features within the MFA alert message, but you can also report unusual activity to the website directly.
If you see any unusual activity related to your PRH Author Portal account, you can always email us at portaladmin@penguinrandomhouse.com and we will quickly investigate the issue. Timely reporting is crucial in preventing unauthorized access.
Thankfully, as security threats multiply, in-app and external tools are increasingly developed to help keep you safe. If it’s been a while since you’ve done a security checkup, take some time out of your day to keep yourself protected across various websites:
- Google Security Checkup
- Microsoft Support
- Apple: Built-in Privacy and Security Protections
- Facebook Security Checkup
- Instagram: Keeping Instagram Safe and Secure
- TikTok: Securing Your Account
- X/Twitter: About Account Security
Make sure to check out relevant security resources for financial institutions, email platforms, social media websites, and anywhere else you regularly log in. The best way to protect yourself from a vulnerability in the future is to take steps to protect yourself today!
Phil Stamper-Halpin is Associate Director of Author Development for Penguin Random House.