Extra steps to protect WordPress.com members due to Gmail Password Leak Update
We downloaded the list, compared it to our user database, and proactively reset over 100,000 accounts for which the password given in the list matched the WordPress.com password. We also sent email notification of the password reset containing instructions for regaining access to the account. Users who received the email were instructed to follow these steps:
- Go to WordPress.com.
- Click the “Login” button on the homepage.
- Click on the link “Lost your password?”
- Enter your WordPress.com username.
- Click the “Get New Password” button.
In general, it’s very important that passwords be unique for each account. Using the same password on different web sites increases the risk of an account being hacked. Now would be a good time for all users to go through all online services and set distinct, strong passwords for each.