This Website Lets You Check Password Strength Against 320 Million Leaked Passwords

Share on Facebook Tweet Share Reddit Comment
This Website Lets You Check Password Strength Against 320 Million Leaked Passwords
Highlights
  • Have I Been Pwned has published over 320 million passwords for everyone
  • Companies can access them and alert new users for matching passwords
  • The password data is also available for offline download

There have been plenty of data breach cases where a large amount of personal information including passwords, usernames, and email addresses have been compromised. The stolen data is often leaked online, resulting in an enormous stash of stolen credentials. But, a website that goes by Have I Been Pwned (HIBP) is coming to the rescue by making that data publicly available, so that the companies that require any sort of sign-in information from users can match the entered passwords with those in the collection, and thereupon warn users if they have been compromised before.

Troy Hunt, the mastermind behind HIBP, has revealed over 320 million passwords in his blog to help the companies secure their online network. These passwords have been aggregated from several data breaches that happened overtime, and are now available to everyone on HIBP website. However, Hunt says that the ‘pwned-passwords’ that are publicly available on his website do not disclose the email addresses and usernames that they were associated with. The website Have I Been Pwned, or HIBP, generally lets users see if their email addresses have been breached without revealing the passwords, but Hunt has created the inverse of the concept this time, in an effort to intimate Internet users and companies about passwords that can be easily hacked.

The sole motive behind HIBP’s new password service is to supply different companies about the compromised passwords, so that when any user tries to enter anything that matches they will be warned by the company to use a more secure password instead. Alternatively, since the HIBP website is open for all, any user can voluntarily go to the website and check if the password they’ve been thinking to use has not been already breached. Nevertheless, Hunt advises such users to be cautious before checking any passwords that they currently use. “The point of the web-based service is so that people who have been guilty of using sloppy passwords have a means of independent verification that it's not one they should no longer be using,” he notes in his blog.

While this service can be more securely accessed over an Internet connection, Hunt has also made the entire collection of passwords that is almost 5.3GB in size available for offline download through a ZIP file.

Since its inception, the concept of this service has been asserted positively by institutions like National Institute of Standards and Technology (NIST) and the UK's National Cyber Security Centre, which agree with Hunt’s ideology that compromised passwords should not be brought into use again by any user.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Shubham Verma Shubham can usually be found busy juggling tech news and rumours, if he is not lost contemplating the state of technology and its progress towards utopia. He is a techno-freak, who loves indulging in sci-fi books and movies. Someday, he wishes to master the art of travelling. More
iPhone SE Available on Paytm Mall for as Low as Rs. 19,990 With Cashback Offer
WhatsApp Tests Facebook-Style Coloured Text Status Feature: Report
 
 

Advertisement

 

Advertisement

© Copyright Red Pixels Ventures Limited 2019. All rights reserved.