6 Signs You Have a Compromised Password and How to Fix It
- A compromised password is still a possibility despite how careful you are with your online logins.
- You can check Have I Been Pwned to see if you’ve been compromised, or use a password checker built into Windows, Mac, iPhone, Android, or Chrome.
- Here’s how to see if any of your passwords have been compromised across a variety of devices and browsers.
For years, tech experts have talked about replacing passwords with better technology, but for now we’re still ruled by passwords—often hundreds of them for all the devices, apps, services, and websites we routinely visit. And despite our best efforts to create strong and secure passwords, they are sometimes compromised. Do you have any compromised passwords on your phone or computer? Here are some ways to find out.
Signing that your password has been compromised
Unfortunately, the implications of having a compromised password are serious, and most of the obvious warning signs are evidence that you’ve already been hacked, which is hardly ideal. Therefore, you should proactively check for compromised passwords every now and then, and not wait until disaster strikes. Here are the main signs that you may have a compromised password.
- A website alerts you that someone has changed your password. Hackers can try to change the password of a website or service after gaining access with a broken password. This way they can take control from you, the rightful owner. Fortunately, many sites send a confirmation email after changing your password, or ask you to confirm with a second factor authentication. If you are notified of a password change, your password has likely been compromised and you should take immediate action to protect your account.
- You see changes to a website or account that you didn’t make. If a hacker logs into one of your accounts, you may see changes you didn’t make yourself. If so, take immediate action to change your password before the hacker does, potentially causing you to lose control of your account entirely.
- You can find your password at HIBP. Troy Hunt, a Microsoft executive, runs a helpful website called HIBP (Have I Been Pwned). You can enter your credentials here to see if you have compromised accounts. It’s a quick, easy and safe way to check your overall security.
- You see your password listed in a leaked password checker. You should regularly check your passwords using a tool built into your Mac, Windows, iPhone or Android. You must perform this check yourself because it is not automatic.
- Your information appears in a password dump. On a depressingly regular basis, there are news reports of major hacks that include huge collections of leaked passwords. When such news stories break, there are often websites or tools offered so you can check if your own credentials were caught.
- Someone tells you that you have been hacked. If a friend, colleague or family member informs you that they have received something unusual from one of your accounts or noticed strange behavior from you online, consider yourself hacked and take immediate action to see if you can gain access to the account and change the password.
How to find compromised passwords on a Mac
If you have macOS Monterey, you can use the built-in password checker to see if any of your passwords are potentially compromised.
1. click on apple icon at the top left of the desktop and then click System selection.
2. Click Password. You may need to enter your password to continue.
3. On Password page, you can browse your passwords that may have been compromised. Click on an entry for more information and click Change your password on the website to update it.
How to find compromised passwords in Windows
Unfortunately, there is no general password checker in Windows, but Microsoft includes one in the Edge browser. If you use Edge, you can use that tool, but if you mainly use Chrome, you’ll want to use the dedicated password manager in that browser instead.
1. Start the Edge browser.
2. In the address field at the top of the screen, enter: edge://settings/passwords/PasswordMonitor and press enter.
3. IN Leaked passwords section, click Scan now.
How to find compromised passwords in Chrome
You can use Chrome’s built-in password checker to find compromised passwords.
1. In the Chrome browser, click menu with three dots at the top of the screen and in the drop-down menu, select Settings.
2. Click on the Settings page Privacy and security.
3. IN Security check section, click Check now.
4. Click when the security check is complete Review to the right of Password management.
5. On the Check Passwords page, you can browse the list of potentially compromised passwords. Click Check password for any entry to let Chrome help you update your password.
How to find compromised passwords on an iPhone
Apple includes a password manager for Safari on iPhone, and you can use it to get security recommendations that will reveal if there are any known compromised passwords.
1. Start Settings app on your iPhone.
2. Press Password.
3. On the Password page, tap Safety recommendations.
4. On the Security Recommendations page, you can browse the passwords that pose security risks. Tap the listing for more details or tap Change your password on the website to go to the website and perform a password reset.
How to find compromised passwords on an Android
Just like in the desktop browser version of Chrome, Chrome on Android has a password checker built in.
1. Start Chrome app on your Android device.
2. Press menu with three dots at the top of the screen.
3. Press Settingsand then press Password.
4. On the Password page, tap Check password.
5. After a moment, you will see a list of all saved passwords that may pose a security threat. Press change Password to let Chrome help you change your password.