Reddit is not taking any chances. The social networking and news service announced today that it has sent out more than 100,000 password resets over the past two weeks. This is the direct outcome of the recent uptick in data breaches and “password dumps” which the company said has been made available “on parts of the Internet most of us generally avoid.” That is another way of referring to the Dark Web, that sewer-like part of the Internet where a lot of criminal activities go down.
This action by Reddit is strictly proactive in nature since the company has not been attacked, but the company says “even the best security in the world won’t work where users are reusing passwords between sites,” referring to the habit of people using one password for different platforms.
According to Reddit:
“We’ve ramped up our ability to detect the takeovers, and sent out 100k password resets in the last 2 weeks. More are to come as we continue to verify and validate that no one except for you is using your account.”
Reddit referenced the use of throwaway passwords, which it said had not been used for years, and which it would disable if it did not hear back from the owners within a month.
The company said it had mulled over the possible use of two-factor authentication, which security experts say will not go down well with users of social media sites.