Keep an eye on your passwords leaked in hacks or data breaches

Keep an eye on your passwords leaked in hacks or data breaches

Data breaches are becoming all too common and in case your personal data such as login details have been breached, you are unlikely to learn about it til the affected company or website notifies users. Yet, there are tools which can give you a heads-up and a precious window to change your online account passwords before they are sold on the dark web. When one recycles the same IDs and passwords for multiple accounts, the risks gets magnified.

According to security company Norton, a data breach is a security incident in which information is accessed without authorisation. “Data breaches can hurt businesses and consumers.” The average cost to a company that suffers a data breach is $3.86 million, according to a study by the Ponemon Institute in Michigan. No company or online entity is immune with firms like Alibaba, Volkswagen, LinkedIn, Weibo and Facebook being at the receiving end of hackers accessing user data in the past.

Secret powers of your web browser app

Your web browser may be in a better position to warn you much before anything else. That is, if you have set it up to monitor your passwords. Microsoft’s Edge web browser (the new one that’s on Chromium—in case you are still using the old one with an earlier Windows version) has the integrated Password Monitor which will notify you if there is any saved password which has figured in a data breach. Apple’s Safari Compromised Password monitoring will notify you using pop-ups and also when you open a new tab.

Mozilla, the people behind the popular Firefox web browser for computers and phones, have a free tool called Firefox Monitor, which collects data updates from popular online tool Have I Been Pwned. You simply need to punch in your email address in the Firefox Monitor website, and it’ll check if that email address has figured in any data breach since 2007. If you use the Firefox web browser, it’s integrated well within the contours. There is detailed info on exactly what data was collected in the breach, along with suggestions for corrective measures, including updating the password for that account.

Google accounts have a built-in password manager that lets you save login details from the Chrome web browser for PCs and phones. The password manager tool, also accessible via the web browser (Google Account > Password Manager), has something called Password Checkup that’ll tell you which email IDs and passwords have figured in data breaches—the latter is important, because a lot of users tend to use the same password for multiple online accounts.

Security tools watching for hacks

Security company Avast has a tool called Avast Hack Check, which is available on the web and it will be able to scan and share red flags from a database of as many as 3,999,706,436 (and counting) stolen passwords. Another security firm F-Secure has the free F-Secure Identity Theft Checker tool which does pretty much what you’d expect of it—check your email ID for when it may have figured in a data breach over the past few years and all the other personal information that may have been included in the breach—passwords are the most vulnerable.

The limiting thing with both these tools is they will collect the data and share the complete breach report with you on the email in question—in case you have been locked out of that for some reason, or the stolen password has been used by a hacker to gain access, that could get a bit inconvenient. Either tool doesn’t generate a report that you may glance though on the web browser itself.