We've been seeing a lot of rumors going around about passwords and account security. Let's start with the most important part: [b]Thanks to our vigilant security team, we are not aware of any account or data breaches for VRChat.[/b] [b]VRChat takes account security very seriously. [/b]Your credentials are stored and sent using industry standard security practices. If a breach ever occurs, we will inform our players ASAP. [i]That being said,[/i] there are still many ways that people lose access to accounts. For VRChat, it is usually by [b]having very weak or reused passwords[/b], or [b]sharing passwords[/b]-- yes, even with your friends! In addition, modified clients (which are in themselves a TOS violation!) are a known way for account theft to happen, as is importing malicious UnityPackages. [b]Never put your VRChat password into software you don't trust![/b] [b]You can mitigate this a few ways:[/b] Use a long, unique password. Never re-use passwords! Use 2FA, when offered. Never give your password to anyone else-- no, not even to your friends! Never install untrusted software. Never import untrusted Unity Packages. Use a password manager! [b]To help with this, starting today, VRChat will be checking your password when you log in to ensure it has not been compromised.[/b] [url=https://medium.com/vrchat/mybp-maybe-youve-been-pwned-30a4809ad5e1]This is done via the method described in our blog post by System last year.[/url] As a refresher, this system sends a non-reversible part of your password hash to a service called Have I Been Pwned to see if your password has been exposed in any data leaks from other services. If that partial hash matches any other full hashes, HIBP sends back a list of them so we can check on our servers. If your full hash is present in that list, your password is insecure! This way, your password hash remains secure and never leaves our own data stores. [b]If your password returns as insecure, you will be informed and prevented from logging in. You will have to check your email for a password reset.[/b] [url=https://help.vrchat.com/hc/en-us/articles/1500002379302-Logging-in-authentication-issues-and-account-recovery]If you have problems with resetting your password, you should check our KB.[/url] We realize this might be inconvenient for our players, but we want to ensure that your account remains safe while hanging out with your friends in VRChat. Thank you!