I had a NewsNatioNow popup article headline early today for an online article that referenced AT&T’s newest cybersecurity hack (RockYou2024) that gathered all sorts of metadata from 10B passwords. in the iPhone article there is a link halfway through the article that takes you to a page to check if your passwords were compromised. The link wants you to enter your password to check it? Why would you do that? What am I not getting here? May be perfectly legit but why would I start typing in all my passwords for an application to tell me if it’s been compromised? I realize the password is separate from whatever application it is associated with or who you are, but maybe not - there are all sorts of ways for them to figure this out after the fact that we’ll learn about next year. I’d just assume all were compromised and change them. I have all financial ones set up to change every 2 months anyway. Edit: Maybe it meant to check only your AT&T password, but then they have your password for AT&T? I would just change it and not put it in the “checker” especially if you use versions of that password elsewhere.
2 Likes