“Pwned Passwords” is an effective tool that lets you check whether or not your current and even previous passwords have ever been hacked in any security breach process.
It would be fancy if somehow you know that the websites you are using is secure enough that your passwords have never hijacked. Or it is more convenient if a password manager lets you check the privacy of your password in one go.
A new service Pwned Passwords has been launched which lets you check whether your password has ever been leaked in a recent data breach or not. Security researcher Troy Hunt has announced that the services has a swamp of half a billion compromised password to verify the security of passwords.
Partnered with AgileBits – maker of 1Password – making it feasible to check the passwords registered on 1Password using Pwned Passwords database of compromised logins.
In a blog, AgileBits announced the partnership with AgileBits and explained the tools working. The main criteria to look for your password doesn’t require your whole password to scan.
Instead, it makes a cryptographic hash function SHA-1 using just first five characters of your password and further uses it to search its database.
According to AgileBits, it is most secure than using the whole password to search. One more important thing is that if your password appears in the database, it clearly doesn’t mean that your account(s) are hacked but conversely, someone else could be using the same password.
But in any case if your password gets a match on Pwned Passwords then you should immediately stop using it and change to another.
Yahoo and Equifax
Last year in October, Yahoo made an alarming announcement of getting hacked of its 3 billion accounts back in 2013. Likewise, US credit monitoring agency Equifax was also hacked and hackers took off the Social Security numbers, credit card numbers, names and addresses of 143 million US citizens.
Among these hacking incidents, it is recommended to regularly change your password. Additionally, you should try to use a long string of characters as well as a mix of upper & lower case and special symbols.
Just keep one thing in mind, it is never a good gesture to share your password with any third-party in search for security of your old password on Pwned Passwords or other similar tools.