Imgur, the popular image sharing service, confirmed a few days ago that 1.7 million email addresses and passwords were stolen in 2014. The hack went unnoticed for four years until 23 November 2017, when the stolen data was sent to Troy Hunt of notification service Have I Been Pwned.
At the time of the hack, Imgur encrypted all passwords via an old algorithm SHA-256, which can easily be decrypted by hackers. Anyone who uses the same Imgur email address and password combination on other sites should change their passwords immediately.
It’s tempting to use one single password and use it everywhere. You should not do this. If hackers crack your password on one website they can easily try the same password with your email address on other websites. If you never reuse passwords, damage from a cracked password is already contained.
Better safe than sorry
KeyHasher helps you to create strong memorable passwords that are unique for each website: use a personal phrase that includes the name of the website and use it as input to generate strong passwords with KeyHasher.
