Is it even worth changing your password?
As threats to personal cybersecurity become more and more acute, many websites have created mandatory password update policies, forcing users to switch their login info every few months. This is true of most universities and certain brands of operating systems–Microsoft is notorious for regular prompting password changes. The theory as to how this helps keep you secure is simple. By regularly changing your passwords, you limit the amount of time other people who've stolen your password can access your account. Unfortunately, there does not seem to be much evidence that repeatedly changing your passwords actually works to make your accounts more secure.
It's not as scary as you think.
There have been numerous pieces written about the dark web and the dangers it could pose to your personal cyber security. It's also been used in advertisements by Experian, in which they offer "free dark web scans" to help customers find out if their "information is on the dark web." This type of language is deliberately misleading, as is the company's definition of the dark web, which basically describes it as a world full of Internet marauders hunting for your social security number. Ironically, in order to acquire the "free dark web scan," Experian itself asks its customers for their social security numbers.
In a certain light, these ads are hilarious in their deliberate misinterpretation of how the dark web works, but there's definitely something sinister about the way they prey on the wallets of the uninformed. Though it sounds dangerous, the dark web isn't the nightmarish hellscape that cyber security companies would have you believe it is. Before understanding the dark web however, one has to first understand the deep web, and by extension, the Internet as a whole.
The Internet is divided into two subsections: the surface web and the deep web. The difference between the two is simple. The surface web is readily accessible via search engines; the deep web is not. While almost every site you visit is probably part of the surface web, there are certain places on the Internet that are necessarily hidden. For example, research papers, netbanking, and medical records aren't readily accessible to anyone using Google, as the search engine doesn't index these things. Another example, is content that exists behind a paywall, like the New York Times' online newspaper. The dark web can be thought of as a small subsect of the deep web, but while the two are often conflated, they aren't the same at all. It's helpful to think of the Internet as an iceberg, with most of it existing beneath the surface. The surface web encompasses about 4% of the entire Internet while the deep web and dark web, represent 90% and 6% respectively.
Unlike the deep web, the dark web is only accessible via special networks, the most popular of which being Tor. Browsers like Tor render your computer invisible while you browse, using complex encryptions to mask your computer's IP number while you browse, allowing for a truly private Internet experience. Confidentiality is at the heart of Tor's mission, and its developers goal was to create an Internet free of surveillance and tracking. Unfortunately, when they are guaranteed anonymity, many Internet users get into some pretty unsavory things.
The first time the dark web was in the news, was when the online black market the Silk Road became a major player in 2011. Until the FBI arrested Silk Road founder Ross Ulbricht in 2013, the site was a forum dealing in illegal weapons, drugs, and child pornography, and the transactions were made via Bitcoin rather than actual cash. Bitcoin itself actually came to prominence in these illicit markets, though it's slowly falling out of favor with online black markets due to the wild fluctuations in its price over the past few years. Outside of the Silk Road and its successors, there has also been tons of publicity surrounding the hiring of hit men via the dark web, though most of these services have turned out to be scams. The most famous scam was run by a company called Besa Mafia, who would take cash from buyers, and then instead of killing the person they were hired to kill, they would report the buyers to the police and get them arrested.
It's not quite this sinister
Realistically though, the dark web isn't nearly as scary as it's made out to be. Yes, there are hackers and illegal activity, but at the core of Tor's project, is privacy. If a hacker wanted to steal someone's social security number or if a pedophile wanted to seek out illicit porn, they wouldn't need to use the dark web to do it. In fact, the dark web only accounts for about .2% of the child porn being shared online. While it's fair to assume that most sites on the dark web are used for criminal activity, it's worth mentioning that the FBI can pretty easily arrest and track folks using the dark web. They've even contracted one of Tor's developers to help them track down cyber criminals.
The dark web's reach with regard to criminal activities has been largely exaggerated by the mainstream media, and there's no real reason to fear it. If you're someone who strongly values the privacy of your browsing habits, for whatever reason, the dark web provides a different type of Internet, one that's far more secure than your standard browser. If you don't care about your Internet privacy, that's fine too. Dark web hackers aren't going to hunt you down and steal all your information in the night, and you're no less safe on the Internet just because Tor browsers exist. There's a strange tendency in this country to conflate others' privacy and anonymity with a lack of personal security. Cyber security firms have a vested interest in keeping you scared and in the dark about how the Internet works. Don't put too much stock into it. The dark web as we know it has existed since 2002, and we're no worse for wear.