The Yandex team announced the launch of a new function to protect Yandex ID accounts. Now, every time people enter a password, it is checked for security. Yandex will also send push notifications about all logins to Yandex ID so that the user can immediately notice a suspicious visit and close the account from intruders.
According to the developers, Yandex uses a database of 1.2 billion compromised passwords for verification, which it replenishes from open sources. The database contains passwords that are publicly available or leaked to the network. In case of danger, Yandex will ask the user to change the password and confirm their rights to the account using the code from the SMS.
The head of Yandex ID Vladislav Tabolin explained:
Yandex ID stores personal data, therefore it has many degrees of protection. But if the password gets to the cybercriminals, it will be more difficult to protect the account. Therefore, we decided to strengthen the protection of accounts and constantly check passwords for security. This is a technically challenging task since all passwords are stored and transmitted in encrypted form. "