The new RockYou2024 password list is out! And it’s a LARGE list — 9,948,575,739 unique passwords to be exact! The RockYou password lists are basically compilations of real-world passwords that people have actually used.
What does this mean and how does it affect you?
Hackers can use automated tools and these lists to attempt logging into user accounts. That means we are going to see a lot more credential stuffing and dictionary attacks using tools like Hashcat, John the Ripper, Ophcrack, Hydra and many more.
Credential stuffing
Credential stuffing attacks are when an attacker uses one set of credentials to compromise multiple accounts that share the same username and password. For instance, if you used the same email and password for your social media account as you do for your banking account, then a hacker can gain access to both accounts from a single set of credentials. And trust me, they will try different accounts, even if you do get locked out. They will try again after an unspecified time. If you tried to log into your account and it is locked out, chances are an attacker has attempted to log into your account.
There are tools that hackers can use to find your entire online footprint in a matter of seconds, including any accounts tied to you on social media, e-commerce, utilities and other platforms. Additionally, personal information such as your email, birthdate and Social Security number is readily available on the dark web or even from public records.
Dictionary attacks
A dictionary attack is a method hackers use to crack passwords by systematically trying every word in a pre-defined list of possible passwords, known as a dictionary (in this case, the RockYou2024 list). It is similar to a brute force attack, where every possible combination of characters is tried.
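If you run a login system yourself, the two attack patterns described above leave different traces in your authentication logs. The following is an added example, not code from the original post: it labels source IPs from constructed sample login events, and the event layout, function names and thresholds are all assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

T0 = datetime(2024, 7, 5, 12, 0, 0)
# Constructed sample events: (time, source IP, username, login succeeded)
SAMPLE_EVENTS = (
    # One source, six different accounts, one guess each
    [(T0 + timedelta(seconds=10 * i), "203.0.113.7", f"user{i}@example.com", False)
     for i in range(6)]
    # One source, one account, eight guesses
    + [(T0 + timedelta(seconds=5 * i), "198.51.100.9", "alice@example.com", False)
       for i in range(8)]
    # A user who mistypes twice and then gets in
    + [(T0 + timedelta(seconds=30 * i), "192.0.2.4", "bob@example.com", i == 2)
       for i in range(3)]
)

def classify_sources(events, window=timedelta(minutes=10), min_failures=5):
    """Label each source IP by the shape of its failed logins in a sliding window."""
    failures = defaultdict(list)
    for when, ip, user, ok in events:
        if not ok:
            failures[ip].append((when, user))
    verdicts = {}
    for ip, fails in failures.items():
        fails.sort()
        verdicts[ip] = "normal"
        start = 0
        for end in range(len(fails)):
            while fails[end][0] - fails[start][0] > window:
                start += 1
            burst = fails[start:end + 1]
            if len(burst) < min_failures:
                continue
            users = {user for _, user in burst}
            if len(users) == 1:
                verdicts[ip] = "dictionary_attack"      # many guesses, one account
            elif len(users) >= 0.8 * len(burst):
                verdicts[ip] = "credential_stuffing"    # about one guess per account
    return verdicts

def locked_accounts(events, threshold=5):
    """Accounts a per-account lockout rule (hypothetical threshold) would lock."""
    per_user = Counter(user for _, _, user, ok in events if not ok)
    return {user for user, count in per_user.items() if count >= threshold}

if __name__ == "__main__":
    print(classify_sources(SAMPLE_EVENTS))
    print(locked_accounts(SAMPLE_EVENTS))
```

In the sample data only the account hit by the dictionary attack would be locked. The credential stuffing source touches each account once, so it has to be caught per source rather than per account.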
How do I protect myself?
There are a number of precautions and actions you can take to protect yourself from such attacks, including strategies and tools to create stronger passwords.
Taking the proper precautions, setting priorities and understanding your risk is vital. You may take more precautions with your financial accounts than with an online shopping account that you use only a few times a year.
We strongly encourage you to take a closer look at your accounts and take the proper precautions. You can follow our guide, 5 Ways to Make Your Passwords Harder to Hack.
And if you do suspect that your account has been compromised, take a look at this guide on actions you can take.