Have you recently received an email informing you that an email account of yours has been affected by a security problem?
Don’t worry, we’ll explain how to solve it easily!
You’re going to learn more about Have I Been Pwned today.
What Is “Have I Been Pwned” Used For?
Have I Been Pwned is an online tool that allows us to find out if our passwords have been leaked.
We can say that Have I Been Pwned works as a database where users can check if their data has been leaked online.
It not only acts to see if our access codes have been stolen but also email addresses, names, and telephone numbers. Today our data can be used for many different purposes.
They could include us in Spam campaigns, send personalized Phishing attacks, and many methods that require knowing certain information about the victim to have a higher probability of success.
This service is responsible for showing leaks that may have been in the network. For example, let’s say that a database of a streaming video platform has suffered an attack or vulnerability and all of this has remained publicly on the Internet.
Anyone could access user passwords, email, etc. What Have I Been Pwned does is indicate to that user, through the database, that their e-mail or password may have been exposed.
Therefore we can say that from the beginning this Internet service was created with the intention that users can see if their information has been leaked.
When a problem appears in a social network or any service that we use, we will be able to know if we have been one of the users that have been affected.
How to Use Have I Been Pwned in 2023
Using Have I Been Pwned is very simple. The first thing we have to do is enter its website and there we will find different options.
A screen will pop up for you to put your email or phone number in order to find out if any of the two has been compromised through a service database leak.
This could be a privacy problem since we could even start receiving spam constantly.
We can also know the same but regarding our passwords. To check that out, you just have to click on the “Password” section from the menu above. Again, write or paste your password and click on “pwned?”.
In our case, as an example, we have put the password “123456”, which logically is a very exposed password and not at all secure. It tells us that it has been leaked many times and recommends that we change it as soon as possible.
If the password were secure, a green message would appear indicating that it is not exposed.
You can use it from time to time or as soon as you see that there may have been a leak in a service you use, such as a social network, a bank account, email, etc.
You may see that a password has been leaked when using Have I Been Pwned. Perhaps an old record, a forum that you used and no longer use, a social network that you barely log in to, or, on the contrary, something that you do use in your day-to-day.
Whatever the case, you should take action as soon as possible and avoid issues that compromise your security and privacy.
The first thing is to change the password. That should be immediately, as soon as you know there is some risk that your account has been stolen or could be compromised.
You must put a password that you have never used and that is completely random. It must contain letters (both uppercase and lowercase), numbers, and also other symbols that provide maximum protection.
Also, it is interesting that you think you have used that password somewhere else.
If so, you should change it on all of them. For example, if you see that the Facebook password has been leaked but you use the same one in Gmail, you should also change it in the Google service and avoid problems.
As an additional step, to further increase security, it may be a good option to enable two-factor authentication in all services where possible.
It is an extra security barrier that you are going to add to prevent an intruder from entering.
It consists of receiving a code by SMS, email, or through an application, to verify that we are the legitimate user who is trying to enter the account.
Is Have I Been Pwned Legit and Safe to Put Your Email In?
Yes, Have I Been Pwned is legit and safe.
For almost a decade, HIBP has proven itself to be an essential tool for everyday internet users, organizations, and even governments, including the UK, Australia, and Romania.
Although centralized monitoring for breaches in government domains is performed by their respective cybersecurity arms, such as the NCSC, ACSC, and CERT-RO, these organizations cannot query websites beyond government domains.
As HIBP’s creator, Troy Hunt, explained in a 2018 blog post, these organizations only have access to domains that their employees can already query via the existing free domain search model.
Hunt, a trusted name in cybersecurity, maintains the service on his own and ensures maximum transparency. If you’re interested in learning more about this, you can find in-depth details here.