(ANTIMEDIA) — If you’ve ever wondered if your passwords have been involved in a data breach, there’s now an easy way to find out. A digital security expert in Australia just created a tool in the form of a quick online search that allows people to check whether any of their passwords have been some of the roughly 320 million already compromised thus far.
We're revolutionizing the news industry, but we need your help! Click here to get started.
Troy Hunt, founder of Have I Been Pwned — the website through which the Pwned Passwords service is freely offered — said in a blog post introducing the new tool that the idea is about giving people the means to verify suspicions:
“The point of the web-based service is so that people who have been guilty of using sloppy passwords have a means of independent verification that it’s not one they should be using any more. Mind you, someone could actually have an exceptionally good password but if the website stored it in plain text then leaked it, that password has still been ‘burned.’”
The Have I Been Pwned site, launched in 2015, offers a similar service for email accounts and usernames, though it requires users to sort through individual data breaches. The Pwned Passwords feature, in contrast, allows people to search for their passwords directly.
Hunt said in his blog post that he hopes the tool will help raise awareness about the issue of online security:
“As well as people checking passwords they themselves may have used, I’m envisaging more tech-savvy people using this service to demonstrate a point to friends, relatives and co-workers: ‘you see, this password has been breached before, don’t use it’.”
While he notes on the Pwned Passwords page that users shouldn’t search for passwords they currently use, Hunt says that point should really be a no-brainer.
“It goes without saying (although I say it anyway on that page), but don’t enter a password you currently use into any third-party service like this!” he writes. “I don’t explicitly log them and I’m a trustworthy guy but yeah, don’t.”
For those who still choose to search for their current passwords, Hunt has also made the entire database available for download in three files totaling 5GB.