How to tell if your passwords are vulnerable to hackers

Daniel Howley
·Technology Editor
·4-min read

Today one of the most important days of the year: World Password Day. Okay, it’s not exactly National Doughnut Day, but it’s a good excuse to sort through the various passwords you use to determine if they’re worth changing, you use them on multiple sites, or they’ve been compromised somehow.

In fact, Apple's (AAPL) iPhone and even your Google (GOOG, GOOGL) account can give you a leg up on checking out those passwords, making it far easier to browse through them all and figure out which you need to change.

Tired of dealing with passwords at all, or want more security on top? Then you might want to try a specialized USB authenticator key to throw two-factor authentication onto your accounts.

Not sure how to do that? I’m explaining it all in this week’s Tech Support.

How to check your passwords on your iPhone

So you’ve been using your iPhone for a while, saving passwords for everything from Facebook (FB) and Amazon (AMZN) to your credit card apps to your iCloud account via its Keychain feature. Solid call. Not only does that make signing into apps easier, it also helps your iPhone determine if your passwords and accounts are putting your accounts at risk of being hacked or taken over.

Your iPhone can show you what passwords you are reusing or have been compromised in data leaks. (Image: Howley)
Your iPhone can show you what passwords you are reusing or have been compromised in data leaks. (Image: Howley)

To check your passwords you’ll need to go into the Settings app on your iPhone then scroll down and select Passwords. From there, you’ll see an option for Security Recommendations.

Tap that, and your iPhone will show you if you’re using passwords across multiple sites, which can put your accounts at risk; if passwords are too easy to guess; and if your information has been exposed as part of a data leak.

Tapping into each password will allow you to go to the appropriate site to access your account and make the changes you need. It’s a seemingly small feature, but one that’s worthwhile to keep your information secure online.

How to check your passwords using Google

If you’ve got a Google account, and who doesn’t, you’ve likely saved your passwords to make them more easily accessible via the Chrome browser. And like your iPhone, Google makes it easy to check out those passwords to see if they’re adding to the risk of being hacked.

Your Google account can also provide you with information about potentially problematic passwords. (Image: Howley)
Your Google account can also provide you with information about potentially problematic passwords. (Image: Howley)

To do this, log into your Google account on your laptop or desktop and then navigate to your account’s home page. Select the Security tab and you should see a message at the top of the screen that says “Critical Security Issues Found.”

Click that and you’ll see a new page with an alert saying you have compromised passwords. Select that link, and you’ll be shown a list of your passwords and why they’re a problem including whether they’ve been part of a data breach or if they’re just too easy to guess.

Make the changes you need, and you’ll be a lot safer online.

Use a USB security key

Two-factor authentication is a secondary lock on your account. In addition to signing into an account with a password, it also requires you to use a string of characters generated by a specialized app or via text message.

USB authenticator keys like these by Yubico can help provide an extra layer of security beyond passwords. (Image: Yubico)
USB authenticator keys like these by Yubico can help provide an extra layer of security beyond passwords. (Image: Yubico)

But hackers can copy your SIM card and phone number, meaning if they have your password, then they can get those same secondary strings of characters sent to their own phones, giving them full access to your account.

To prevent that, companies like Yubico offer consumer-grade USB authenticator keys. The keys, which can be connected to your computer or smartphone via USB C or Lightning connections, provide an additional layer of protection by ensuring that only the person with your specific key can unlock your account.

The keys work with a number of major apps and websites including Google and Facebook, though banking apps may not support them — which is a bummer considering they’re some of the most important apps to protect. But if you’re looking for some serious security, such keys can go a long way.

Now I’m off to fix all of my terrible password issues. You should probably do the same.

Sign up for Yahoo Finance Tech newsletter

Got a tip? Email Daniel Howley at dhowley@yahoofinance.com over via encrypted mail at danielphowley@protonmail.com, and follow him on Twitter at @DanielHowley.

More from Dan:

Follow Yahoo Finance on Twitter, Facebook, Instagram, Flipboard, SmartNews, LinkedIn, YouTube, and reddit.

  • Up next
  • Up next
  • Up next
  • Up next

Latest stories