Everyone uses multiple passwords to protect their identity and data from hackers, but that doesn’t work out all the time. This is where security experts like Troy Hunt come into the equation, making our digital lives secure, or at least, trying their best to make them mishap-free.
The guy is popular for starting off the Have I been pwned? service, which helps users check if their email ID has been hacked or not.
His latest attempt to keep us secured shows up in the form of Pwned Passwords, which tries to help you in choosing a password which hasn’t been breached already. He has created this service using a database of 500 million passwords compiled from previous breaches.
But more importantly, Troy’s latest security tool has been integrated by the team at 1Password, who are letting their users access the service, preventing them from digital mishaps – a common sight these days.
We loved Troy’s new service so much that we couldn’t help but create a proof of concept that integrates it with 1Password.1Password team
It’s been less than a week since Troy announced Pwned Password, and he didn’t forget to admire the speed at which the 1Password team was able to make his service plug-in with theirs.
How to Check For Pwned Password?
- Sign in to account on 1Password.com
- Click Open Vault to view the items in a vault and click an item to see its details
- Enter Shift-Control-Option-C (or Shift+Ctrl+Alt+C on Windows) to unlock the character of password
- Click the Check Password button that appears next to password
As you can see in the demo video above, the password details aren’t revealed to the users, instead, you get to see them in an encrypted format.
I want to reiterate that Troy’s new service allows us to check your passwords while keeping them safe and secure. They’re never sent to our or his service. The server sends back a list of leaked password hashes that start with those same five characters. 1Password then compares this list locally to see if it contains the full hash of your password. If there is a match then we know this password is known and should be changed.1Password team
But they were quick to point that even if your password is found, that doesn’t necessarily mean it has been breached.
If your password is found, it doesn’t necessarily mean that your account was breached. Someone else could have been using the same password.1Password team
Either way, it’s good to see experts like Troy Hunt chipping in with their inputs and products to protect users from getting hacked.
(Hey lady, what makes you laugh? Do you laugh at sexism, patriarchy, misogyny, or other 'sanskari' stereotypes? This Women's Day, join The Quint's Ab Laugh Naari campaign. Pick up that beer, say cheers, and send us photographs or videos of you laughing out loud atburiladki@thequint.com.)
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)