My Adobe.com Password Was Hacked and I Don’t Care

Adobe was hacked recently and my account was compromised. Was yours?. Here’s why I don’t care.

First off, I didn’t even know what my password was. I had to look it up to make sure it wasn’t an old one from my pre-LastPass days. It wasn’t. It was something like this:

u*xak123&8.x123!twwy

If I ran the average desktop computer and I was trying to brute force this hash (read: guess) with a special password-guessing program, it would take 63 quintillion years. In 63 quintillion years, I won’t need my Adobe.com password any more. Also, the password won’t do them good anywhere else since I only used it on Adobe.com.

You’ll notice a few themes here, all of which are key points in password security:

1. A password so strong and complicated that I didn’t even know what it was.
2. A password that was only used on Adobe.com.
3. I outsource my password management.

The majority of people who had their account compromised likely violated most, if not all of these rules. The worst case scenario for someone affected by the breach is this:

1. You have an easy to remember password, like “buttons”, “Iloveyou”, “July51981”.
2. You used this same password for your bank, email, and social media accounts.
3. You signed up for your Adobe.com account using your primary email.

If this is you, someone already has your Adobe.com username (your email address) and your password. Which is also the password to your online banking and email. And once they have access to your email, your entire online life now belongs to them.

So what to do?

1. Get LastPass and enable two-factor authentication.
2. Pick a very strong, long passphrase. Something like “Ihaveareallylongpasswordthatwillbehardtobreak”.
3. Change the password to all your online accounts.
4. Feel smug the next time one of your accounts gets compromised.