Passwords - Do you check for data breach on haveibeenpwned?

Updated by Jack Pettit [SSW] 1 year ago. See history

123
<introEmbed body={<> Sometimes passwords can be compromised through no fault of our own. There have been several high-profile breaches of password databases. The project [haveibeenpwned](https://haveibeenpwned.com) is a free database that aggregates data from breaches, and you can use it to check whether your account has been included in a known breach. </>} />

You can enter your username (usually an email address) and it will tell you if your email address has shown up in a known data breach. If it has, that password is compromised and should be changed immediately.

You can also subscribe to haveibeenpwned, so that if in the future your email address shows up in a breach, you can be notified straight away.

Image

Figure: Subscribe to haveibeenpwned to know as soon as possible if your password has been compromised

Categories

Rules to Better Security - End Users

Acknowledgements

Matt Goldman
Related rules

Need help?

SSW Consulting has over 30 years of experience developing awesome software solutions.