In November, they finally released their full results, in collaboration with University of California, Berkeley.
Google found out that hackers obtain people’s password by either deceiving them into giving it up (e-mail phishing) or by “third-party breaches”, which means taking your data from someone else and look up what happened with Equifax for example).
The numbers are interesting to say the least: between March 2016 and March 2017, 12 Million credentials have been stolen through phishing and 3.3. Billion during third-party breaches.
15% of Google’s users report having their account breached by hackers and we don’t even know how many of them don’t report it or don’t notice it.
How do we fight back then?
It is very important to NEVER USE THE SAME PASSWORD. I know that, if you’re like me, that might feel like an easy option, since your memory is not top notch and you don’t feel like writing it down on a post-it on your desk. It’s worth the hassle though.
If you have a ton of different sensible passwords, then you should use a password manager. There are many reliable ones available, even for free.
Google also wants you to know that their Security Check-up, together with having a phone number linked to your account, will make sure you’ve always got everything under control.
Don’t rely too strongly on your password just because it’s worked so far. Be safe out there.