RockYou2021 is the latest data leak that was posted online recently. According to the initial analysis published by CyberNews.com, It contains more than 8.4 billion entries containing passwords that range from 6 to 20 characters in length.
What is RockYou2021?
This is said to be a compilation of all the previous data leaks and not a new mega leak in itself. The leak was posted online in a forum in form of a 100 GB file named “rockyou2021.txt” and this is why this data leak is being called RockYou2021. Even though the original poster claimed that it has 82 billion passwords, the analysis by CyberNews experts has revealed that it contains only 8.4 billion unique entries.
Not a new data leak
But according to Chris Partridge this is not really a data leak and contains no stolen passwords. In fact, he went through the file and found out that it contains a number of word lists and password dictionaries. These lists and dictionaries are readily available online and used to test weak passwords. He also claims that it contains around 3.8 billion records from previous data leaks combined together.
Check for passwords in RockYou2021
If you are wondering whether your passwords have been part of RockYou2021 file, then you can follow many options. Easiest option is to visit Have I Been Pwned website at https://haveibeenpwned.com/ and look for your email addresses or phone numbers. It will instantly tell you whether your pwned or not.
Another option is CyberNews password leak checker tool which can be found at https://cybernews.com/password-leak-check/. In this case, you have to enter your password only and it will tell you whether it has been part of any leaks. They are going to merge new entries from RockYou2021 in their database of leaks soon so you can keep checking their online tool.
The hardest method is to actually download the RockYou2021.txt file and search it yourself. The file is available from Raid forums (link can be found on Chris Partridge’s site). But it is 100 GB file and loading or searching through it might make your computer unstable. Not to mention the long times it will take for each single search.
What to do if your password made the list?
If your password has made it to any of the data leaks, whether old or new, then the first thing you should do is change your password for those accounts. You should pick a very strong password using tools like Quick Password Generator. If your online accounts allow, then enable 2FA (two factor authentication) or login via the mobile apps. It is also a good habit not to use the same password (even if it is a very strong one) for all your accounts and keep changing them periodically.