Has my password been leaked or stolen? Here's where you can find out

To find out if hackers have shared one of your passwords online, you just need to enter your email address into one of several online security databases. — dpa

Billions of stolen and leaked email addresses and passwords have been traded on hacker platforms over the years, and there's a chance one of yours has been among them at some point or other.

Once hackers get hold of login data, they typically either use it to gain access or sell them. Either way, the user loses.

Victims of identity theft will often have to pay for orders placed in their name. However, the damage is by no means always only financial.

If hackers have had access to private data or photos stored on an online storage service, this can be extremely stressful, with a psychological effect similar to knowing a burglar has been in your home.

That's why, to avoid being caught out, we all need to regularly check that none of our passwords are currently circulating the web.

Thankfully, this is easy, and you just need to query one of the several Internet security database that keep records on leaked and stolen data that has become available online.

Among the best known is haveibeenpwned.com, where you enter your email address or phone number to instantly find out if you've been "pawned" and where.

It doesn't hurt to check several databases on a regular basis. After all, it may be that one security researcher has data records that the others do not have.

Mozilla's leak query service Firefox Monitor also uses the "Pwned" database, and works almost identically, but differs in one practical detail.

You can also register on the Monitor page with an email address and will then be informed immediately if your own identity data should appear on the net.

Any passwords you save in the Chrome browser or password manager 1Password will also prompt an alert if they are found to have been shared online.

The Hasso Plattner Institute (HPI) in the German city of Potsdam also has a query option called Identity Leak Checker, where you can enter your email address.

A database comparison then checks whether the email address has been disclosed on the Internet in connection with other personal data such as telephone number, date of birth or address and could be misused.

If there is a hit with one of the services, you'll need to make sure you're not still using this leaked password on any service.

Unfortunately, if a password doesn't get any hits on any major databases that does not necessarily mean that it's completely secure, and you'll still need to create complex passwords that are hard to guess.

You're also better off activating two-factor authentication (2FA) wherever it is offered, which requires an extra confirmation (usually on a smartphone) whenever there's a login on your account.

Since hackers are very likely to try out stolen login details on various popular sites, your passwords should not only be strong, but also unique to each individual service - even and especially where no 2FA protection is offered.

If you struggle to remember various complex passwords, then a password manager may help. In general, a well-secured email account is particularly important because it often represents a kind of master key for many other services that send links to reset the password by email. – dpa
Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 46
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In Tech News

Sweden's NENT sees sales growth at upper end of target range through 2025
NFT craze fuels US$4.3bil French football card startup
Exclusive-Mexico's Kavak says new funds make it second-most valuable LatAm startup
Facebook seeks to defend itself after scathing reports
Philippines lower house approves VAT for big tech firms
SoftBank backs Steven Mnuchin's $2.5 billion private equity fund - FT
Facebook wraps up deals with Australian media firms, TV broadcaster SBS excluded
Burn in hell: French monks set fire to 5G masts
Airbnb’s Chesky is game to share safety information with rivals
Bitcoin drops below US$40,000 as regulatory drumbeat grows

Stories You'll Enjoy