It is quite alarming to think that every now and then, there are major websites out there that gets hacked. Such incidents could compromise any private or personal information and the next thing you know, you are already one of those unlucky users whose accounts got compromised due to data breach. Fortunately, there is a quick and easy way for you to find out if your online account has been leaked. All you need to do is to scan your email using this free web service called Have I Been Pwned.
What is it and what does it do
Have I Been Pwned, also known as HIBP, is a free web service that you can use to find out if your online account has been hacked or your password leaked. The concept behind this service is fairly simple. The website uses a database of known hacks and breaches. You input your email address in the website and it searches those databases for accounts/passwords associated with the inputted email. It lets you know if your account happens to be one of those that were compromised in a website breach.
- Easy to use, very accessible – no download required
- Tells you if your accounts and passwords (all types of accounts) is at risk of being disclosed or compromised due a website breach
- Uses the data that comes from website breaches that has been made publicly available such as the accounts that were breached from Adobe, Sony, Yahoo, Gawker, Vodafone, Pixel Federation and Stratfor
- Fast response – analyses your email to search for compromised accounts in just a matter of seconds
- Identifies the website where your data was taken – ex. from Yahoo and Adobe
- This web service will only analyze your email address and look for accounts that have been compromised. It won’t take any action to inform you how to protect your account so it is up to you to take some safeguarding measures such as changing your password, etc.
- Won’t be able to identify all account leaks and hacks; Have I Been Pwned is only able to help you find info on compromised accounts if there is publicly available info on leaked/hacked accounts (e.g. Gawker revealing which accounts’ passwords were leaked). So don’t let this be the end all be all.
The online world is like a vast jungle where the wolves are just waiting to devour their next prey. Besides, there is no guarantee that your account is always safe. At some point in time, you might register to a certain service or online community that requires you to create an account using your email address and password. Who knows? These services and online communities might fall prey to those cunning data thieves and hackers. As for you, the information that you have submitted to those websites will undoubtedly be disclosed without your permission. So what happens next? Would you just sit there and do nothing? This is why you should at least take the initiative to determine if your account is at risk or not.
With Have I Been Pwned, you are given the opportunity to find out if your account info has been leaked or stolen. All you need to do is to type your email in the empty field provided and then you click the “pwned?” button to know if your accounts are still safe or not. While the web service does not fully reveal how it scans and collects your data, it did state that all of its data were collected from those website breaches that were made publicly available. This includes the data were breached from Adobe, Sony, Yahoo, Gawker, Vodafone, Pixel Federation and Stratfor.
To use this service, simply go to the official website of HIBP (see link below at the end of this review) then enter your email address in the empty field then click the “pwned?” button. Once done, you need to wait for a few seconds to view the result. The service will then analyze the email address that you entered and it will tell you if it’s “safe” or “pwned”. If it finds out that your email has been “pwned”, it will then show you a list of sites where your email was taken.
What I like about Have I Been Pwned is that it is fairly simple to use. It is also a very straightforward service so do not expect that it will give you something that is already beyond what it is intended to do. Still, it’s good enough to know that this web service offers a way for you to find out if your email address is at risk of being leaked and abused.
Just keep in mind that while this web service can provide you with the information that you need to assess the status and security of your email and password, it does not go beyond that. It is totally up to you to initiate some counter measures such as changing the password of your email account.
Conclusion and download link
Have I Been Pwned is a very useful tool for users who wish to know if their online accounts have been compromised in a data or website breach. The major downside to this service is that it doesn’t provide any action to safeguard the account, so you are on your own in searching for ways to protect yourself (which typically involves changing your password, at the very least). Still, if you suspect your account info may have been leaked in a recent website breach, this tool is for you.
Version reviewed: N/A
Requires: Any type of web browser (Chrome, Firefox, IE, Safari, Opera, etc.) on any desktop operating system (Windows XP, Vista, 7, 8, Mac OS X, Linux)