logo

09 August 2017

Website tells you if your password has been leaked

This is not the best news for the password I had been using.

IF YOU think your accounts are protected, you might want to reconsider as passwords used by almost 306 million people have now been leaked online.

Thankfully, a digital security expert has created a tool for people wanting to see if they have been caught out.

Have I Been Pwned founder Troy Hunt said his website requires users to enter their details into a search box, which is cross referenced to a database of leaked passwords that have previously been involved in some of this decade’s biggest data dumps.

The website will then tell you if your account details have been compromised and how to protect yourself if this is the case.

“If the password alone comes back with a hit on this service, that’s a very good reason to no longer use it regardless of whose account it originally appeared against,” he wrote in blog.

“As well as people checking passwords they themselves may have used, I’m envisaging more tech-savvy people using this service to demonstrate a point to friends, relatives and co-workers: ‘you see, this password has been breached before, don’t use it’.”

Nobody is 100% hack proof, but you don’t have to make it easy to become a victim either. WSJ’s Nathan Olivarez-Giles explains how to see if your personal info has been taken in a hack, and what you can do to be safer. Photo/Video: Emily Prapuolenis/The Wall Street Journal

While the service is helpful, Mr Hunt does warn against testing your current passwords on the service.

“It goes without saying (although I say it anyway on that page), but don’t enter a password you currently use into any third-party service like this!

“I don’t explicitly log them and I’m a trustworthy guy but yeah, don’t.

“The point of the web-based service is so that people who have been guilty of using sloppy passwords have a means of independent verification that it’s not one they should be using any more.

“Mind you, someone could actually have an exceptionally good password but if the website stored it in plain text then leaked it, that password has still been ‘burned’.”

In addition to the search tool, Mr Hunt also made the information available for download as a single 5.3GB file of passwords that shouldn’t be used anywhere.

Please follow and like us:

Share
#

Write a comment

4+2 = ?