If you recently got a warning message saying, “This password has appeared in a data leak”, then there is a good chance that your account is at high risk of vulnerability. Data leaks are one of the nasty ways for hackers to expose and sell your private data, which may make you fall victim to a ransomware attack.
I’ve received this message recently. I made some research and in this article, I will explain what it means and show you the steps to protect your account from being compromised.
This Password has Appeared in a Data Leak: Meaning
A “This password appeared in a data leak” message on your iPhone or iPad indicates that your password has been publicly leaked online, thus putting your account at risk of hacking attacks. Is it your fault? No, but you should take care of it since it is very likely that hackers know your password and are actively trying to compromise your account.
So why do you get this message?
Apple has recently set up a cybersecurity feature that notifies iPhone and iPad owners if their login details for apps and platforms show up in a data leak and suggests some security measures. With iOS 14, this functionality became available, and it checks to see whether any of the sites you have accounts on has been pwned before checking your last update date. You’ll see a warning notice if the date of your most recent password change is earlier than when a website was breached.
Apple will match this information against the lists of leaked passwords and cross-reference to produce a list of pwned accounts that includes yours.
To find your information about all of your saved passwords, head over to Settings > Passwords. There, you can check which of your passwords has been leaked. You’ll see a message appearing similar to the image below.
Suppose you don’t have any messages, congrats! Your passwords are safe, or you just don’t have this functionality activated.
Go to Settings > Passwords > Security Recommendations > Detect Compromised Passwords to turn on this feature. From here, turn on the toggle.
There are a number of warning messages you may see. But the most concerning is the one saying, “This password has appeared in a data leak”. You can also see which websites your passwords are now exposed on by tapping on each of the alerts.
What to Do?
If you get this message on your iPhone or iPad, there are several things to do. I will walk you through some security measures to protect your data from being exposed in the future.
Change your Password
One of the first things to do is to change your password. Indeed, make sure you use strong, unique passwords for apps and platforms. It’s a good idea to include different symbols, numbers, letters, and special characters.
I recommend you do not include your details in your password, such as names, birthdays, etc. If you want to make sure that everything is highly secure from hackers, you can use a third-party tool to generate strong passwords for your accounts automatically. You can go for an app that uses ES-256 encryption.
Turn Off Share My Location
The Share My Location feature has been around for years. While it comes in handy for navigating apps, it exposes your current location, putting you at risk of a data leak. In this case, I recommend you turn off Share My Locations for some apps you do not use. To do this, head over to Settings > Privacy > Location Services > Share My Location. From here, select the apps you wish to turn off Share My Location for.
Enable two-factor authentication
Two-factor authentication is one of the best features that add an extra layer of security to your accounts, thus minimizing the risk of data leaks online. It’s a simple tip with great benefits. It’s a good idea to turn on two-factor authentication for some important apps or when you make purchases online using Apple Pay.
You can also enable this for your Apple iCloud account on your iPhone or iPad”. Follow these steps:
- Select the “Settings” app
- Tap on your name at the top of the screen
- Then, select “password and security.”
- You will find the option “two-factor authentication”.
- Slide to activate.
Do not Auto-Join Wi-Fi Networks
Some Wi-Fi networks are suspicious, causing you to fall victim to hacker attacks. For iPhone or iPad users turn off the auto-join function, which prevents a hacker from using the same service set identifier (SSID) to steal your data. To turn it off, open the Settings > Wi-Fi > Select the network you wish to turn off the feature for and toggle the switch off.
Do not jailbreak your device.
Jailbreak opens up for more apps to be installed on your device, giving you the freedom to do anything you want on your device. However, jailbreak may destroy your device, putting all of your data at risk of a leak. With the latest iOS firmware updates, Apple has been trying to tighten the iPhone security. This means jailbreak no longer serves as an ideal option to access unauthorized apps on iPhone.
Best password security practices
A safe password should be:
- Unique to every site
- Contain a mix of upper and lowercase letters, numbers, and symbols
- It doesn’t contain any personal information such as birth dates
- It doesn’t include words from a dictionary in any language
If you already use iCloud Keychain, you can use its password generator to generate strong and unique passwords to protect your accounts and data. Otherwise, many websites and apps such as LastPass and Dashlane can generate strong passwords for you.
To change passwords on your iPhone or iPad, go to Settings >>> Passwords >>> Security Recommendations and select Change Password on Website.
In A Nutshell
The new “Security Recommendations” feature on the iPhone shows you when your password has appeared in a data leak, then offers simple steps for how to change your passwords. To turn it on, go to Settings >>> Passwords >>> Security Recommendations and select Change Password on Website. I recommend you do not jailbreak your device or auto-join Wi-Fi networks but instead enable two-factor identification whenever possible with Apple Pay purchases or important apps like iCloud Keychain. You can also use third-party tools that generate strong passwords automatically! Now is the time to take control of your security – don’t wait until it’s too late!