See If Your Passwords Have Been Cracked by Adding “Pwned Passwords” to 1Password
Anyone who knows about the bad reputation of companies like Equifax or Kickstarter when dealing with sensitive information is probably wondering about the strength of their passwords. Randomly generated passwords are usually more secure than passwords you invent yourself (looking at you, “abc123”). Now you can check if your password is on the ever-growing list of leaked passwords using 1Password , which has simply integrated the Pwned Passwords hacked password database into its app.
Troy Hunt is the developer of Have I Been Pwned , a free site that allows users to enter their email address and compare it to a database of compromised accounts. Remember when Kickstarter and Bit.ly were compromised a few years ago ? Well, you can use Have I Been Pwned to see if your account was on the list of hacked accounts. With Pwned Passwords, you can check the strength and popularity of other passwords you use and compare them with a database of over 500 million public passwords, passwords associated with hacked accounts.
To start using Pwned Passwords with 1Password, you need to enable this feature by logging into your 1Password account. Select the login item and press Shift-Control-Option-C if you’re on a macOS computer, or Shift-Ctrl-Alt-C on Windows. You will then see the Check Password option, which will let you know if this password is present in the Pwned Passwords database.
If yours is found in the database, it is much more likely to be cracked than passwords that are not on the Pwned Password cracked list. Hackers use techniques such as “credential filling,” which uses databases of username and password pairs to quickly find accounts that can be easily compromised. If your character string is not randomly generated by a password manager like 1Password, you should use Pwned Passwords to check the strength of your current selection ( and then change it anyway ).