My password has leaked!

When you use a password to log into an Internet service, that service has a copy of it so that it can verify that you are correctly identified. 

In reality, a decent service shouldn't keep your password unencrypted. And what is usually saved is a hash, something like a modified version of your password so that if someone steals that database, they can't really see the password, they have that modified version which is useless. But of course, see if the services you use are that careful.



The fact is, when there are password thefts, many times massive, of thousands or millions of users, they end up being sold, posted on some disadvantaged sites or even reaching more decent sites. The fact is, there are sites and companies that collect these losses.

Apple warns you of leaks

If you enter a password for your usual web or applications using, for example, Safari, the system looks to see if that password appears in the leaked password databases and if it finds it, it tells you. 

My password has leaked!

It tells you that the password appears in the leaks, not which service it came from. 

Change the password in all services

So, for example, if you use the same password for Google and Facebook and it gives you the warning when you enter Google, it doesn't mean that it has been filtered by Google (it may or may not, maybe it has been filtered by Facebook or you have placed it by somewhere you shouldn't). So the problem is not solved by changing the Google password. You have to change your password wherever you use it. 


In the case of the photo, it went out when I entered my NAS but I have the same password in some other services, so I don't really know where it came from, where the loss happened. Or maybe it was someone else who came up with my own password. The thing is, it's now a compromised password.



Using the same password in multiple services is a common practice to avoid having to memorize so many passwords, but it has these risks. 

Maybe the bad guys who get those passwords won't end up testing it in the service I have it in but in others, but just in case it's better to change it. 


A round of applause to Apple for taking care of security.

add a comment of My password has leaked!
Comment sent successfully! We will review it in the next few hours.