How to find out if your password has been compromised

by -184 views

We’re all online, and that ways our information is, too. A poorly secured database, unknown zero-day vulnerability, or a simple security oversight is plenty for an opportunistic hacker to take advantage of and make abroad with large customer databases.

User data stolen from electricity suppliers, to hotel chains, dating sites, government agencies, Sony and Facebook has all appeared for sale on the dark spider web. Here’s how to see if yours was included in any of the heists.

The Short Version

  1. Go to Have I Been Pwned
  2. See what breaches include your details
  3. Secure compromised accounts
  4. Check your banking concern cards
  5. Check for reused passwords
  1. Step


    Go to Have I Been Pwned

    Go to and enter your email address – phone numbers used to log into online services can too exist checked.

  2. Step


    Encounter what breaches include your details

    If you lot get an ‘Oh no — pwned!’ result, scroll downward to see which breaches your details were included in.A screenshot from Have I Been Pwned results show that an address was found in breaches of Epik and Patreon

  3. Step


    Secure compromised accounts

    Log into the affected account and change your password. If you don’t need the account whatsoever more than, delete information technology.Patreon settings screen shows a new password being entered

  4. Step


    Cheque your bank cards

    If full payment carte du jour data was included in the breach – and this a relatively rare occurrence – check to run into which cards y’all accept registered with the breached account. If they’re still active, you should ask your banking concern to issue replacements.Patreon stored payment details screen

  5. Step


    Bank check for reused passwords

    Finally, check all your other accounts to make sure you haven’t used the same password anywhere else. If you use a password manager, just search for the countersign in question. If discover any repeated uses, log in to each account, change your password immediately and check the account’s login history for any IP addresses or locations that you don’t recognise.KeeWeb password manager is being searched for the word "password"

Next steps

In one case included in a breach, your credentials – your username and password – are very likely to be tried on multiple other sites past opportunistic thieves. This is the main reason to never re-use passwords.

If you aren’t already using a password manager, this is a great time to kickoff. Information technology’s of import to create a unique and memorable pass phrase as your master password, and to never use it for annihilation else.

My current favourites are Bitwarden and, if you’re a more technical user who prefers to control where your password database is stored, KeeWeb and Authpass, both of which use KeePass’s kdbx database standard.

A number of password managers include breach checking in some of their subscription tiers. 1Password integrates Accept I Been Pwned? – the lawmaking for which has been open sourced by creator Troy Chase – and is heavily promoted on the site via a partnership, but is not your just option for in-password-manager breach checking.

Dashlane, LastPass and Bitwarden, among others, all warning yous to compromised credentials in your password collection.

Kaspersky Password Manager

Kaspersky Password Director

Your digital activities made simple

Go along your passwords and documents in a secure private vault – and admission them with one click from all your devices.

  • Kaspersky
  • Yearly renewal
  • £ten.49 per year

Buy at present

Personal data breaches

Most major breaches only include electronic mail addresses, passwords and perhaps 4 digits of a payment card. Just some hacks, including the 2022 Patreon and and 2022 People’s Energy breaches, resulted in the loss of concrete addresses and even dates of nascence, which provides bad actors with more armament for identify theft.

Fortunately, you need more than than someone’south home address to steal their identity, just this kind of data tin can be used, with other personal information, to become by hole-and-corner questions for banks and authorities agencies. If yous suspect that such information has been compromised, keep an eye on any accounts that use it, and make sure you’ve chosen different security questions for identity confirmation.

While you can’t put the genie back in the bottle, you tin can continue other personal information that could supplement such information from getting out. This would be a good time to ready your Facebook account to friends-merely and avert discussing the proper noun of your first pet in online forums – solid security do at the all-time of times.

Yous can’t control whether an online service y’all use gets breached, but you lot tin minimise your potential risk past never reusing passwords (or using very like passwords everywhere), endmost whatever accounts you no longer need, and regularly checking on whether your details have been included in a beach.

Keep your passwords secure with Kaspersky Password Manager – Just £10.49 per year


If you’re still concerned nearly your security, you can use the below FAQ to help further protect yourself.

Which is the all-time anti-virus you can become to protect yourself?

Trusted Reviews regularly reviews most of the common anti-virus services, ranking them on cardinal metrics including ease of use, reliability and toll. You can meet our results in our all-time anti-virus guide.

Will a VPN help protect my information?

Virtual Private Networks are a great way to protect your privacy in many instances, though a password alienation isn’t 1 of them. You can get a detailed breakdown of what a VPN is and how it helps protect your privacy in the fastened guide.

How tin can I stop my passwords being stolen?

There are a variety of ways to protect passwords, ranging from using stiff unique keys for each account to avoiding clicking on infected links. You can see a full breakup of our current advice in the attached how to secure your passwords guide.

You might like…


Posted by: