It doesn’t matter if your password is 32 characters long, alphanumeric, and would take several quintillion years to crack—it’s not secure. As a matter of fact, anything that touches the Internet isn’t secure!
This is because password security does not only come at the discretion of the user who has created it but also the server that it’s being stored on. For a website to verify your login credentials, your password must be stored in their database. That means that if the server mishandles it or gets hacked, you pay the price.
As we move into an internet where we’ve started pondering replacements for traditional passwords, websites that monitor for password dumps have become increasingly popular.
The most unfortunate part is that these dumps are often due to websites being hacked, not users, which feels incredibly unfair for those of us suffering the consequences.
There’s nothing that we can do to change the fact that databases are susceptible to breaches and that our data isn’t sacred, so we must learn to do the next best thing: constantly monitor for our passwords being leaked to the Internet.
In this article, let’s go over a few of the best websites to help you monitor if your passwords have been leaked online.
Have I Been Pwned
First, let’s talk about the name. The word “pwn” is a form of leetspeak derived from “own,” a term people often used in internet culture—usually by gamers—to describe defeating someone in some way.
To use Have I Been Pwned, simply type in your email address and hit the pwned? Button.
You’ll either (luckily) be told that your passwords are safe or you’ll see how many breached sites and pastes your passwords have been found on.
Have I Been Pwned will then show you a list of all of the websites and pastes your passwords have been found on.
Have I Been Pwned also includes a section of their site called “Pwned Passwords” where, rather than by email, you can search by password. This will let you know if that password is already floating around in dumps across the Internet.
Have I Been Pwned is generally viewed as the gold standard in password monitoring, and we recommend that you check it out first.
Credit Karma
Credit Karma has a reputation as the leading service to monitor your credit, but did you know that they have awesome data monitoring features, too—including password breaches?
Credit Karma goes above and beyond all other password monitoring sites, even showing you a censored version of the password leaked on each site listed. All you have to do is log in, go to their Identity Monitoring page, and click View details under the Data Breach Monitoring table.
The only downside is that you do have to create a Credit Karma account to see these results. However, is that really a bad thing? Isn’t it a little sketchy that these other password dump monitors allow you to search for any email address? This could lead to some nefarious activity.
If you already have a Credit Karma account, make use of this. It’s one of the most untapped ways of tracking your passwords on the Internet. Take advantage of it and you’ll know exactly which of your passwords to do away with.
DeHashed
DeHashed is an interesting spin on the average password dump monitor, allowing you to not only search by email but also by username, address, and more. After, click the Search button to see your results.
When searching, DeHashed will display the sites where your password has been leaked. However, you won’t be able to view the dump or see the specific password without registering and paying. Nonetheless, just seeing the results offers a lot of information that you can use to protect yourself.
DeHashed is a solid final choice that may help you find leaked passwords that Have I Been Pwned and Credit Karma weren’t able to pick up on. Although it’s a bit bare on features compared to the other two, it doesn’t hurt to see what DeHashed has to offer. It may save a few of your passwords.
Just last month, the Collection #1 credentials dump released with over 2.7 billion records. Every week, this is happening on a smaller scale. It’s a powerless feeling to know that we can’t stop this from happening, but we have to stay informed and ready to take action when it does. Creating a strong password for each site you sign up for helps, too.
With Have I Been Pwned, Credit Karma, and DeHashed, check your emails and passwords on a monthly basis. You’ll be able to jump on leaks as soon as they pop up, and you might be surprised at what you find!