A computer security expert has made available to users an archive that collects passwords stolen in previous attacks
Choosing a secure password is not always so easy and the risk that credentials end up in the hands of hackers is concrete and very high. However, victims don't always realize that they have been breached. There is a way, however, to find out if your password has been stolen.
The credit goes to Troy Hunt, an expert in computer security. His name is mostly linked to Have I beeen Pwned, a website that allows users to check if their email address has been compromised or ended up in a hacker attack. The researcher has added a new service, with which you can view hundreds of millions of passwords. The tool, in fact, contains a huge database, consisting of passwords that have been hacked by previous attacks. To check if your access key is in the archive published in Have I beeen Pwned, you just need to connect to the site and enter the password.
An archive of 306 million passwords
In fact, the intent of the service is also another one. The main objective, in fact, is to provide companies, as well as single users, with a tool through which they can check if the chosen password is safe. Using credentials already used by other people and hacked by hackers, in fact, is very dangerous. Especially if the password is used in multiple accounts. Hackers, in fact, could quickly access more profiles.
The archive, as said, contains many passwords. More than 306 million access keys have been collected in the database, obtained by putting together passwords stolen by hackers from users over the years. In addition to checking the reliability of the password by entering it in the search engine, the site also gives the possibility to download the entire database for free.
How to protect yourself
In case your password ended up in the archive published by Have I beeen Pwned, the first move you should make is to change it immediately, choosing a more complex and difficult to find key.
And that's not all. Hackers get hold of passwords by using different and sometimes simple ploys. For example, by sending email phishing. Also avoid sharing login credentials over the internet.
Don't download programs from unsafe platforms: they might contain malware. Don't put your data on websites without the https security protocol, as communications could be intercepted by cyber criminals.