Tech Made Simple

Hot Topics: Holiday Shopping & Gifts | 2014 Best iPhone Apps & Android Apps | Best TVs Under $500 & Under $1,000 | Apple iPhone 6

Use It

author photo

How to Check If Your Accounts Have Been Hacked

by on January 16, 2014
in Computer Safety & Support, Computers and Software, Tips & How-Tos :: 9 comments

Every few weeks brings another report of email and other personal account information being stolen from a major corporation. Last month a massive viral botnet was discovered stealing the info of over 2 million accounts from Facebook, Google and Yahoo. And the month before that, the details of a whopping 152 million accounts were stolen from Adobe. This may leave you wondering if one of your many accounts across the internet has been exposed, but how do you tell?

There are a slew of sites out there that consolidate the publicly available details from all the major hacks and let you search to see if your email is among them. Some are more useful than others, and some may simply be fronts for email harvesting services, so you need to be careful which you use. Our favorite, haveibeenpwned.com, tells you whether your information has been stolen, where the hack occurred and which of your personal details were compromised (e.g., user name, password, password hints, etc.). 

So what do you do when you find one of your accounts has been compromised? It's time to create a new password and I don't mean your birthday, pet's name or the word 'password'. You need your password to be smart, but not so complex you forget it.

Try for at least 8 characters (the longer the better), with a mixture of upper and lower-case letters, numbers and, if the site or service allows, special characters, such as “!,” “#” and “?.” It should be something you can remember easily. A long sentence works well when you take the first letter of each word and then substitute the vowels for numbers or symbols.

For example: The quick brown fox jumped inside the orange box and slept = Tqbfj1t0b&s

We also recommend creating a different password for every site and using a password manager program to keep track of them all. There are both browser password managers and app-based services.

And remember that when it comes to setting up new passwords, it's smart to lie when filling out password security questions. Most of the questions have answers that can be easily discovered by basic Google searches about you.

You can never be too careful with your privacy on the Internet. For further steps you can take, check out our 11 Simple Ways To Protect Your Privacy.

[username on hook image via Shutterstock]

Subscribe to the Techlicious Daily Email!

Get the Techlicious Guide to Great Photography as your FREE gift!

Discussion loading

gravatar

haveibeenpwned.com

From marjorie bryant on January 16, 2014 :: 11:13 am

interesting that when I try to go to this site, my security program warns against it!

Reply

gravatar

I had the same experience!!

From Amy on January 16, 2014 :: 12:03 pm

I had the same experience!! Makes me suspicious…

Reply

avatar

Which security program are you using?

From Josh Kirschner on January 16, 2014 :: 1:14 pm

We wouldn’t recommend a site if we didn’t feel comfortable that it was safe to do so. haveibeenpwned.com has been widely covered in the industry and was developed by Troy Hunt, who Microsoft has identified as a real, honest-to-goodness security professional: http://www.troyhunt.com/2013/12/introducing-have-i-been-pwned.html

I felt comfortable entering my email address (and yes, I have been pwned) and you should, too.

Reply

I was pwnd

From Killian Lori on January 16, 2014 :: 4:23 pm

I checked all my email addresses and found one had been hacked in the Adobe hack.  THanks for the tip and I now have reminders on all accounts in case they are PWND

Reply

gravatar

MAYBE I over-reacted to the

From AMY on January 16, 2014 :: 5:32 pm

MAYBE I over-reacted to the security warning. However, the link back to this article’s comments was also incorrect. A couple of tips that have always stuck with me are “DON’T FOLLOW BAD LINKS”,and “DON’T INPUT PERSONAL INFORMATION IF YOU GET A SECURITY WARNING.” I’m just sayin’...these tips have probably saved me lots of grief.

Reply

gravatar

haveibeenpwned.com

From Diane on January 16, 2014 :: 8:43 pm

Tried this and my security warned against it.. Something is not right with your info.!!

Reply

avatar

The info is fine

From Josh Kirschner on January 17, 2014 :: 1:56 am

We wouldn’t recommend the site if we weren’t comfortable with it. haveibeenpwned.com has been widely covered, including a recommendation by Sophos security expert, Graham Cluley.

When I check Norton, McAfee, AVG an TrendMicro don’t issue any site warnings. Which security software are you using? Sometimes you’ll get warnings if a site simply doesn’t have a lot of prior usage by that vendors users.

Reply

gravatar

ijustbeenpwnd

From marjorie bryant on January 17, 2014 :: 11:45 am

I redid it on my laptop which actually has a better security system (eset)
and it went through without difficulty
so thank you for the info

Reply

gravatar

Password example is fallacious

From Robert O'Hanrahan on January 18, 2014 :: 1:05 pm

Your article is useful. I just wanted to point out though that your example of a good password is not as good as it seems. “The quick brown fox jumped inside the orange box and slept” actually has TWICE the entropy of “Tqbfj1t0b&s”—more if you use another sentence that doesn’t include a common phrase like “The quick brown fox jumped”. So, you’ll really be a lot better off with the original than trying to compact it and shove in all sorts of punctuation and numeric characters, unless the site you use limits password length (which is horribly poor practice) or has complexity requirements (most of which are fallacious). Google zxcvbn to test your own passwords.

Reply

© 2014 Techlicious LLC. :: Home | About | Meet the Team | Sponsorship Opportunities | Newsletter Archive | Contact Us :: Terms of Use | Privacy Policy

site design: Juxtaprose