Internet users generally have several email addresses which are used to open social media accounts around the web. When you open these social media accounts, you have to come up with a password and sadly enough, a majority of people come up with such basic passwords which hackers use to breach their accounts.
You might have also seen stories of major social networks and email services that got breached and credentials from millions of accounts get leaked on the Internet. There is a lot of information out there available to hackers and this guy decided to make it easy for any hacker to sell this information to unscrupulous dealers in the dark web.
Troy Hunt yesterday published a blogpost where he says he aggregated what he called “Pwned Passwords” into a database with 320 million passwords which is insane. He aggregated from combo lists which had email addresses and plain text passwords.
One combo list in example had over 805 million rows of email addresses and plain text passwords of which only 593 million are unique. This means there are a lot of email accounts with more than one passwords attached to them which form the difference. What he ended up with was a total of 319.9 million unique Pwned Passwords.
Troy wants this database to be used so that people can search for leaked passwords when registering new accounts or when changing your password to make your accounts secure.
Well if you trust his online search engine, you can check whether your email address or old passwords were breached or you can download the two archives which total to around 5.5GB which are compressed for offline use. The passwords are in hash form (SHA1) instead of plain text since these passwords could contain personal information like names, birthdays or even emails. Just make sure not to search your current password since you can never trust any online websites.
I have been pwned on 5 sites.
Yikes! Change everything
I think am clean after my search. I’m smiling
[…] Hackers usually use such databases to sell your information and thankfully there are people who compile such databases to see if your password or email address is among the ones that have […]
Never been hacked before but I believe that this is a great innovation. Technological Advancements is what everyone should embrace today.
[…] have seen a lot of password leaks over the time and you can see them on this database, although we are lucky that using them could be a thing of the […]
[…] has been highlighted by Troy Hunt, the popular security authoritarian who runs the website haveibeenpwned that has a database of millions of leaked passwords an email addresses that you shouldn’t […]
Comments are closed.