By Rob Pegoraro, Special for USA TODAY
Time to give your passwords a check up.
Question: Should I change my Yahoo password?
Answer: You probably don't need to on account of last week's password breach. But this incident —following earlier security failures at LinkedIn and eHarmony— should be all the motivation you need to give your passwords a check-up.
The breach did not involve Yahoo's core consumer operations, such as its eponymous Web-mail service or its Flickr photo-sharing site. Instead, it affected Yahoo Voices, a library of articles, photos and videos cranked out by outside contributors that went by the name Associated Content until Yahoo bought that site for a reported $90 million in May of 2010.
In an apologetic post on its corporate blog, Yahoo explained that hackers got access to "an older file containing approximately 450,000 email addresses and passwords" predating that acquisition.
Back then, Associated Content let users sign up with logins from other sites, including Yahoo and also Google's Gmail and Microsoft's Hotmail. That company failed to take the basic step of encrypting this account database.
CNet's Declan McCullaugh obtained a copy of that database and found that it included 137,559 Yahoo accounts and 106,873 Gmail credentials. McCullaugh also noted some horribly weak passwords — 780 were just the word "password."
You can see if your account was among those compromised by checking your e-mail address at a page set by Sucuri Malware Labs, a Menifee, Calif., security vendor: http://labs.sucuri.net/?yahooleak.