If you’re online then you know nobody is safe. We’ve witnessed some colossal hacks in recent years, whether we’re talking about Target, Yahoo, Equifax, Yahoo, or Yahoo, to name just a few of the more prominent ones. Hackers usually steal a treasure trove of information about users, including login credentials for the hacked site.
While it may not be your fault that your data was just stolen in a massive cyber heist, if you recycle passwords between various online accounts, then it’s your fault if someone breaches other accounts. Thankfully services like 1Password can offer you better protection by making it easy to use unique passwords for each online service you’ve got an account for. And thanks to the guy who’s been following all these recent security breaches, 1Password can now tell you whether your password has been already pwned.
Troy Hunt is the name of the man behind the Have I been Pwned? site that tells you whether your accounts were included in various data breaches. Hunt used the available online dumps to come up with a new password checker services, Pwned Passwords, upon which 1Passwords has built its new feature.
The service, TechCrunch reports, is free of charge so anybody can incorporate the data into similar products. The passwords, meanwhile, aren’t available in text mode — instead, they’re hashed with SHA-1. A Cloudflare developer named Junade Ali then figured out a way to anonymize the process, so that validation of leaked passwords can be processed without the risk of having the actual passwords leak.
This is where 1Password steps in. To see if the password for an online account has been breached, all you have to do is go to 1Password.com and sign into your account, though you do need to be a paying subscriber of the service for it to work. Then open your vault, and click on the item you suspect.
Then, enter Shift-Control-Option-C on Mac or Shift+Ctrl+Alt+C on Windows to unlock the new feature. A Check Password button will let you then check the integrity of your password, as seen in the following video demo.
Regardless of the result, you should still change that password to something else, especially if that particular account is included in any of these databases. And since you’re already using 1Password, why not harness the service’s password generator tool to come up with something that’s unique and secure?