Click to Skip Ad
Closing in...

10 million stolen passwords were just released – here’s how to see if yours is one of them

Published Feb 12th, 2015 10:20AM EST
10 Million Passwords Leaked

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Earlier this week, noted security researcher and consultant Mark Burnett made waves when he posted 10 million stolen usernames and passwords on his blog. Of course, the security expert didn’t post the passwords with malicious intent. Instead, his goal was to “release a clean set of data” that gives the world insights into user behavior, and also to draw attention once again to the arrest and prosecution of Barrett Brown.

Burnett didn’t steal the passwords in question, of course, but they’re now easily accessible to anyone and everyone — here’s how you can quickly and easily find out if you are affected.

DON’T MISS: I just added wireless charging to my iPhone 6 in 10 seconds, and it cost less than $20

Burnett posted the 10 million leaked usernames and passwords in one big torrent file that anyone with a computer can download in a matter of minutes. Thankfully, one of the people who downloaded that file used it to create a simple site where anyone can check to see if their accounts have been compromised.

Here’s how you can check:

Simply visit this page on programmer Luke Rehmann’s website, where you’ll be able to search for your usernames and passwords in the leaked file.

Now, before you start wondering if Rehmann is just using this page to collect the usernames and passwords people input, it’s important to note that you can (and should) search with partial entries. So, for example, if your password is “trustno1,” you can simply search “no1” or “trus” and see if one of your accounts comes up.

As Burnett notes in his blog post, the usernames and passwords he posted are a small sample pulled from earlier username and password dumps containing upwards of 1 billion sets of stolen credentials. As a result, running a check on the site linked above doesn’t guarantee that your usernames and passwords aren’t floating around on the deep web.

To check your usernames against more complete databases of stolen credentials, visit Havibeenpwned.com and Pwnedlist.com.

Zach Epstein
Zach Epstein Executive Editor

Zach Epstein has been the Executive Editor at BGR for more than 10 years. He manages BGR’s editorial team and ensures that best practices are adhered to. He also oversees the Ecommerce team and directs the daily flow of all content. Zach first joined BGR in 2007 as a Staff Writer covering business, technology, and entertainment.

His work has been quoted by countless top news organizations, and he was recently named one of the world's top 10 “power mobile influencers” by Forbes. Prior to BGR, Zach worked as an executive in marketing and business development with two private telcos.