GLOSSARY

// plain english. no bullshit.

Security has a lot of jargon. Here's what it actually means.

Hash

A fingerprint for data.

When you hash a password, it gets converted into a long string of random-looking characters. The same password always makes the same hash, but you can't reverse it — you can't take the hash and figure out the original password. Think of it like a blender: you can put a strawberry in, but you can't un-blend it back out.

Data Breach

When a company's user data gets stolen.

A data breach happens when hackers break into a company's database and steal information — usually usernames, emails, and passwords. If you had an account on that site, your info might now be floating around on the dark web for other hackers to use.

Encryption

Scrambling data so only the right person can read it.

Encryption takes readable data and scrambles it using a key. Only someone with the correct key can unscramble it. It's like a combination lock — the data is useless to anyone who doesn't have the combination.

Two-Factor Authentication (2FA)

A second lock on your account beyond just a password.

2FA means that even if someone steals your password, they still can't get in without a second thing — usually a code sent to your phone or generated by an app. It's like having a deadbolt AND a chain lock on your door.

Phishing

A fake message designed to trick you into giving up your info.

Phishing is when someone pretends to be a trusted company — like your bank, Amazon, or Netflix — to trick you into clicking a fake link and entering your login info. The fake site looks real but it's controlled by the attacker. They now have your credentials.

Password Manager

An app that remembers all your passwords for you.

A password manager stores all your passwords in an encrypted vault. You only need to remember one master password to unlock it. This lets you have a different, complex password for every site without actually having to memorize them.

Malware

Software designed to harm your device or steal your data.

Malware is a catch-all term for any software that's designed to do something bad — steal your files, spy on what you type, lock your computer for ransom, or use your device to attack others. Viruses, spyware, and ransomware are all types of malware.

Ransomware

Malware that locks your files and demands payment to get them back.

Ransomware sneaks onto your computer, encrypts all your files so you can't open them, then demands you pay (usually in cryptocurrency) to get the key to unlock them. Even if you pay, there's no guarantee they'll actually send the key. Backups are your only real protection.

VPN (Virtual Private Network)

A tunnel that hides your internet traffic from others.

A VPN routes your internet traffic through a server in another location, hiding what you're doing from your internet provider and anyone on the same network as you. It's especially useful on public WiFi. It doesn't make you anonymous, but it does make it much harder for someone to snoop on what you're doing.

Public WiFi

A shared internet connection anyone can join — including attackers.

When you connect to WiFi at a coffee shop, airport, or hotel, other people on the same network can potentially see your traffic. An attacker can also set up a fake WiFi network with a convincing name to trick you into connecting to it instead of the real one.

K-Anonymity

A technique for checking sensitive data without revealing what you're checking.

This is the trick the password breach checker uses. Instead of sending your full password hash to the database, it sends only the first 5 characters of the hash. The database returns all the hashes that start with those 5 characters, and your browser checks whether your full hash is in the list. The server never sees enough to know what you actually typed.
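
The exchange described above, as an added example that is not code from this site's checker. It assumes SHA-1 hex hashes (the page does not name the hash), and `RangeServer`, `breach_count` and the sample corpus are hypothetical names and constructed data.

```python
import hashlib

PREFIX_LEN = 5  # characters of the hex hash that leave the client

# Constructed sample "breach corpus": password -> times seen (made-up counts).
BREACHED = {"password": 912, "123456": 2044, "qwerty": 377, "letmein": 58}


def sha1_hex(text: str) -> str:
    """Uppercase hex SHA-1 (assumed hash; the page does not name one)."""
    return hashlib.sha1(text.encode("utf-8")).hexdigest().upper()


class RangeServer:
    """Hypothetical server side: indexes hashes by prefix, logs what it sees."""

    def __init__(self, corpus: dict[str, int]) -> None:
        self.buckets: dict[str, dict[str, int]] = {}
        self.seen: list[str] = []  # everything the server ever receives
        for password, count in corpus.items():
            digest = sha1_hex(password)
            bucket = self.buckets.setdefault(digest[:PREFIX_LEN], {})
            bucket[digest[PREFIX_LEN:]] = count

    def query(self, prefix: str) -> dict[str, int]:
        prefix = prefix.upper()
        if len(prefix) != PREFIX_LEN or any(c not in "0123456789ABCDEF" for c in prefix):
            raise ValueError("prefix must be exactly 5 hex characters")
        self.seen.append(prefix)
        # Return every suffix in the bucket; the server cannot tell which one
        # (if any) the client cares about.
        return dict(self.buckets.get(prefix, {}))


def breach_count(password: str, server: RangeServer) -> int:
    """Client side: send 5 characters, match the remaining 35 locally."""
    digest = sha1_hex(password)
    suffixes = server.query(digest[:PREFIX_LEN])
    return suffixes.get(digest[PREFIX_LEN:], 0)


if __name__ == "__main__":
    server = RangeServer(BREACHED)
    for candidate in ("password", "correct horse battery staple"):
        print(candidate, "->", breach_count(candidate, server))
    print("server saw only:", server.seen)
```

With a corpus this small each bucket holds a single hash; the privacy of the scheme comes from real buckets holding many hashes that share the same 5 characters.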

Zero-Knowledge

A system where the provider genuinely cannot see your data.

Zero-knowledge means the company running the service has no way to access your data — even if they wanted to. Good password managers work this way. Your vault is encrypted on your device before it ever hits their servers, so even if they got hacked, attackers would only find encrypted gibberish.