Find Out If Your Password Has Been Hacked Using This Website

Still using the same password for every account?

With hackers harvesting millions of login details every single year, the likelihood that one of your accounts has been compromised is increasing exponentially.

A tool has been created that could help you regain some peace of mind, and indeed control, over your life on the internet.

Troy Hunt, an Australian security researcher, has created a safe online tool that lets you find out if your password has already been hacked.

It’s called ‘Have I been pwned?’ and it lets you check your password against Hunt’s database of over 320 million passwords that have been stolen by hackers through various data breaches.

How it works is really simple. You just put in the password that you’re currently using and the system will anonymously check it against the database of known passwords and let you know whether it has been compromised.

If it has, you’ll get a message advising you to change your password immediately and never use it again.

Writing in a blog post explaining why he set up the service, Hunt asks companies to use it as an opportunity to educate their users.

“Use this data to do good things,” he says. “Take it as an opportunity to not just reduce the risk to the service you’re involved in running, but also to help make people aware of the broader risks they face due to their password management practices.”

“When someone gets a “hit” on a Pwned Password, help them understand the broader risk profile and what this means to their personal security.”

You can check if your password has been used before on the ‘Have I been pwned?’ website.

So what do you do if you have been hacked?

Well, there are two immediate things that need to happen. The first is that you need to make sure none of your other accounts use that password, and you need to create a new one.

While conventional advice has always been to make passwords needlessly complicated, the security expert who first promoted this recently did a U-turn.

Instead the new advice is that passwords should be a collection of random phrases that only a human could come up with. A perfect example would be “leekeatingrabbitstorm”. It makes zero sense and would take a computer millions and millions of guesses to get right.

The next thing you need to do, if your account supports it, is set up two-factor authentication. This effectively means that if someone does guess your password they’ll still need to enter a special code delivered to your smartphone.

Finally, and this is only if you’re looking to be really secure, it might be worth investing in a password manager like 1Password, LastPass or Keeper Security. These apps are incredibly easy to use and can create incredibly complex passwords that can be copied and pasted from the app.

Best Password Managers

1. 1Password
1Password is the 'Swiss army knife' of the group. It'll run on almost anything. It's also one of the easiest to use, thanks to an ultra-simple interface. Rather than using autofill, 1Password uses extensions in Chrome, Firefox and Safari, which give you quick and easy access to your vault on any of your computers. The iPhone app uses Touch ID. This is a great all-rounder for the single user who just wants a complete solution.
Price: $49.99 (Single license)

2. Dashlane
Dashlane is the team player out of the three options here. Offering a similar user interface to 1Password, Dashlane is simple to use and powerful to boot. If you run a small business, or even a big business, this could be the service for you. With variable sharing options you can send passwords to colleagues who also have Dashlane while keeping the password secure even from them. All they have to do is accept, and the app will log them in to the service without them ever having to see the login credentials. It'll work on iOS, Android, Mac and Windows.
Price: $39.99 per year

3. LastPass
LastPass may be last on the list but it's definitely not the least. This is the veteran password manager and as such has the most features. It'll run on every platform and through every site, and it's customisable to a professional degree, with support for biometrics and almost any other authenticating technology you can think of. It may be a little more complex to use, but once it's set up LastPass is arguably the most flexible in terms of creating a service that you want.
Price: $12 per year