Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | The Best Coffee Grinder | Best Fitness Trackers Under $50 | Complete Guide to Facebook Privacy

Use It

author photo

How to Check If Your Accounts Have Been Hacked

by on January 19, 2017
in Computer Safety & Support, Computers and Software, Tips & How-Tos, Privacy :: 16 comments

How to Check If Your Accounts Have Been Hacked

Every few weeks brings another report of email and other personal account information being stolen from a major corporation. Last month, Yahoo revealed that more than 1 billion accounts had been hacked. Victims of the hack have been notified by Yahoo, but this may leave you wondering if one of your many accounts across the internet has been exposed, but how do you tell?

There are a slew of sites out there that consolidate the publicly available details from all the major hacks and let you search to see if your email is among them. Some are more useful than others, and some may simply be fronts for email harvesting services, so you need to be careful which you use. Our favorite, haveibeenpwned.com, tells you whether your information has been stolen, where the hack occurred and which of your personal details were compromised (e.g., user name, password, password hints, etc.). 

How to Check If Your Accounts Have Been Hacked

So what do you do when you find one of your accounts has been compromised? It's time to create a new password and I don't mean your birthday, pet's name, the word 'password' or any word, for that matter. You need your password to be smart, but not so complex you forget it.

Try for at least 8 characters (the longer the better), with a mixture of upper and lower-case letters, numbers and, if the site or service allows, special characters, such as “!,” “#” and “?.” It should be something you can remember easily. A long sentence works well when you take the first letter of each word and then substitute the vowels for numbers or symbols.

For example: The quick brown fox jumped inside the orange box and slept = Tqbfj1t0b&s

We recommend creating a different password for every site and using a password manager program to keep track of them all. There are both browser password managers and app-based services.

Use two-factor authentication—where you have to enter a password and a code (usually texted to your phone)—on any site or service that supports it.

And remember that when it comes to setting up new passwords, it's smart to lie when filling out password security questions. Most of the questions have answers that can be easily discovered by basic Google searches about you.

You can never be too careful with your privacy on the Internet.

Updated on 11/19/2017

[username on hook image via Shutterstock]



Discussion loading

gravatar

haveibeenpwned.com

From marjorie bryant on January 16, 2014 :: 11:13 am

interesting that when I try to go to this site, my security program warns against it!

Reply

gravatar

I had the same experience!!

From Amy on January 16, 2014 :: 12:03 pm

I had the same experience!! Makes me suspicious…

Reply

avatar

Which security program are you using?

From Josh Kirschner on January 16, 2014 :: 1:14 pm

We wouldn’t recommend a site if we didn’t feel comfortable that it was safe to do so. haveibeenpwned.com has been widely covered in the industry and was developed by Troy Hunt, who Microsoft has identified as a real, honest-to-goodness security professional: http://www.troyhunt.com/2013/12/introducing-have-i-been-pwned.html

I felt comfortable entering my email address (and yes, I have been pwned) and you should, too.

Reply

I was pwnd

From Killian Lori on January 16, 2014 :: 4:23 pm

I checked all my email addresses and found one had been hacked in the Adobe hack.  THanks for the tip and I now have reminders on all accounts in case they are PWND

Reply

gravatar

MAYBE I over-reacted to the

From AMY on January 16, 2014 :: 5:32 pm

MAYBE I over-reacted to the security warning. However, the link back to this article’s comments was also incorrect. A couple of tips that have always stuck with me are “DON’T FOLLOW BAD LINKS”,and “DON’T INPUT PERSONAL INFORMATION IF YOU GET A SECURITY WARNING.” I’m just sayin’...these tips have probably saved me lots of grief.

Reply

gravatar

haveibeenpwned.com

From Diane on January 16, 2014 :: 8:43 pm

Tried this and my security warned against it.. Something is not right with your info.!!

Reply

avatar

The info is fine

From Josh Kirschner on January 17, 2014 :: 1:56 am

We wouldn’t recommend the site if we weren’t comfortable with it. haveibeenpwned.com has been widely covered, including a recommendation by Sophos security expert, Graham Cluley.

When I check Norton, McAfee, AVG an TrendMicro don’t issue any site warnings. Which security software are you using? Sometimes you’ll get warnings if a site simply doesn’t have a lot of prior usage by that vendors users.

Reply

gravatar

ijustbeenpwnd

From marjorie bryant on January 17, 2014 :: 11:45 am

I redid it on my laptop which actually has a better security system (eset)
and it went through without difficulty
so thank you for the info

Reply

gravatar

Password example is fallacious

From Robert O'Hanrahan on January 18, 2014 :: 1:05 pm

Your article is useful. I just wanted to point out though that your example of a good password is not as good as it seems. “The quick brown fox jumped inside the orange box and slept” actually has TWICE the entropy of “Tqbfj1t0b&s”—more if you use another sentence that doesn’t include a common phrase like “The quick brown fox jumped”. So, you’ll really be a lot better off with the original than trying to compact it and shove in all sorts of punctuation and numeric characters, unless the site you use limits password length (which is horribly poor practice) or has complexity requirements (most of which are fallacious). Google zxcvbn to test your own passwords.

Reply

gravatar

Didn't work in Firefox

From Tom on December 02, 2015 :: 4:55 pm

A domain search (https://haveibeenpwned.com/DomainSearch) using Firefox didn’t respond but it worked fine in Edge.

Reply

gravatar

I checked the 4 main

From Ron Ablang on December 07, 2015 :: 8:27 am

I checked the 4 main emails I use on https://haveibeenpwned.com/ and all were clear.  So now what’s to keep that site from getting hacked and getting my email accounts info?

Reply

gravatar

What's use?

From Anonymous guy on December 17, 2015 :: 10:22 pm

What’s the point knowing that you have been pwned? If your email id is found on hacked data, it doesn’t mean that you have been pwned.

Reply

love "have i been pwned"

From Arizona Marek on December 20, 2015 :: 1:16 am

i subbed to it a year ago and have yet to be owned (i despise the word “pwned”).

Reply

gravatar

I had no idea that

From Patricia Anderson on February 29, 2016 :: 11:32 am

I had no idea that there were websites out there that let you know if hackers have been using your email. You always hear about your friends being hacked or identity theft. Occasionally I’ll see evidence of a friend being hacked on Facebook and I’ve been wondering if there was a way to check. Is there software available as well to track possible hackers?

Reply

Say What???

From Izraul Hidashi on January 08, 2017 :: 8:29 am

So the logic is that the site is safe because Microsoft claims they’re honest!? Wow!

The Company that lies, tricks and deceives their users all the time? Who spy, invades privacy and slip malware in unwanted updates without consent or knowledge? Updates that break things!

Oh ya.. and not to mention this year set up the window close out x button to brute force an install of that crappy unwanted garbage they call 10, instead of close the window!

Well hell,... if they say they’re honest then they must be. lol I’m sure you didn’t get pwnd visiting that site either. :/

Reply

avatar

Say "Yes"

From Josh Kirschner on January 09, 2017 :: 9:07 am

Troy Hunt is a well-known security researcher who has been recognized by Microsoft and many others in the space. We stand by our recommendation.

Reply

© 2015 Techlicious LLC. Home | About | Meet the Team | Sponsorship Opportunities | Newsletter Archive | Contact Us | Terms of Use | Privacy Policy

site design: Juxtaprose