The Internet is one of the most unsecured places all over the world. It’s because there are so many chances that your privacy is not safe anymore. Email, username, password etc. everything is at the risk of leakage. Hackers are also trying their heart and soul to break into your system. That’s why it’s really important that you stay secured along with your private information. Now, with the help of this awesome and new tool, you can check if your password is pwned.
The tool is developed by Troy Hunt, an Australian security researcher under his “Have I been Pwned” project. The project has gained incredible popularity and trust from the community. Troy Hunt has been collecting information on data exposed in data breaches for quite a time. His “Have I Been Pwned” (HIBP) portal allows anyone to safely check their emails, passwords or other details if that’s available in those breaches.
The password is the most popular security option for almost anything. Naturally, the number of the leaked password is also quite huge. Choosing a password that isn’t available to hackers is quite important.
That’s where HIBP rocks. From the collection of all the data breaches, the website of HIBP opened a section for checking pwned passwords in the summer of 2017 where anyone can check their passwords if it’s available to hackers. Generally, hackers try to hack an account with all the popular and exposed passwords first so that they don’t have to run the infinite possible combination of letters.
Very recently, Hunt released an improved version of the Pwned Password service – v2. This newer version includes 501,636,842 compromised passwords! That’s a huge number of passwords, to be honest. If you feel adventureous, you can download the list of passwords from the site. However, the passwords are provided in SHA-1 hashes so that the REAL password string is unavailable.
It’s important that you check your password. Hackers generally gather all the leaked passwords into a password dictionary to perform brute-force attacks on accounts. If your password is leaked before, it doesn’t matter whether your account is safe or not – it’s simply a matter of time now.
How to check your password
Let’s use the Pwned Password tool as a demo. Here’s the password we’re going to check: dragon. It’s a quite popular password.
- Go to the Pwned Password site.
- Type the demo password: dragon
- Hit Enter.
As we can see, the password was seen 913,822 times before. This check was done on 0400 GMT on 6 March, 2018.
Just like that, feel free to check your own password here. If you’re concerned about security, don’t worry. The project of Troy Hunt has earned incredible popularity and trust from the community over the time. Even enterprises use this tool for checking passwords. Password manager app like 1Password added a feature that allows checking users their passwords to check it with HIBP’s database. Similarly, Wordfence, a powerful WordPress security system, added such function in their plugins. In the open-source community, there are hundreds of apps that use the power of Pwned Passwords.
If you’re concerned about your security, you should be using a strong password. Please check this guideline for strong passwords. A greater threat is already in the world of electronics – the Spectre bug in the modern processors. Learn about SgxSpectre – the latest Spectre exploit.