What Are Credentials?
Credentials are the information you use to log into accounts, like:
- Your username or email address
- Your password
- Sometimes, your PIN, security questions, or backup codes
If your credentials are stolen, hackers can take over your accounts, steal money, or access private information.
What is Credential Hygiene?
Credential hygiene means keeping your login information safe, clean, and up to date.
Just like brushing your teeth keeps you healthy, good password habits keep your accounts safe.
Best Practices for Good Credential Hygiene
1. Use Unique Passwords for Every Account
- Never reuse the same password
- One leak can affect all accounts if you use the same login
2. Use a Password Manager
- Securely stores and remembers all your passwords
- Helps you create strong, random passwords
- Keeps your login information encrypted and safe
3. Change Passwords Regularly
- Especially after a security incident or data breach
- Avoid using the same password for more than a year
4. Avoid Saving Passwords in Browsers
- Browsers can be compromised by malware
- Instead, use a dedicated password manager
5. Don’t Share Passwords with Others
- Not even with friends, coworkers, or family
- Each person should have their own login
What Is a Data Breach?
A data breach happens when hackers break into a company’s system and steal user data, like:
- Email addresses
- Passwords
- Phone numbers
- Credit card info
Once stolen, this information is often sold on the dark web for other hackers to use.
How Do You Know If Your Credentials Were Breached?
You can use free and trusted tools to check if your email or password was exposed in a breach.
Trusted Websites:
- https://haveibeenpwned.com
Enter your email to check if it’s been involved in a known breach. - https://monitor.firefox.com
Warning Signs of a Breach:
- You get alerts that someone tried to log into your account
- You see emails from websites you never signed up for
- You notice purchases or activity you didn’t make
What To Do If Your Credentials Were Breached
1️⃣ Change your password immediately
2️⃣ Enable Multi-Factor Authentication (MFA)
3️⃣ Check other accounts that use the same password and update them
4️⃣ Monitor for unusual activity (emails, transactions, login alerts)
5️⃣ Notify your IT team or bank if sensitive accounts are affected
Stay Ahead: Monitor & Protect
✅ Sign up for breach alert notifications from trusted sites
✅ Use MFA on all accounts
✅ Use strong, unique passwords for every login
✅ Regularly check your credentials for exposure
✅ Be careful of phishing emails that follow data breaches
Mini Quiz (Test Yourself!)
- What are credentials?
- a) Your username and password
- b) Your phone number only
- c) A type of malware
- What is credential hygiene?
- a) Cleaning your keyboard
- b) Using good habits to keep login info safe
- c) Saving all passwords in your notes app
- What happens during a data breach?
- a) A company gives out free products
- b) Hackers steal personal information
- c) You get logged out of your accounts
- What should you do if your password is leaked in a breach?
- a) Do nothing
- b) Use the same password again
- c) Change it right away and enable MFA
- What is a good tool to check if your data has been exposed?
- a) Social media
- b) A search engine
- c) haveibeenpwned.com
(Answers: 1-a, 2-b, 3-b, 4-c, 5-c)
