How to know if your password has been hacked
Unfortunately, piracy has become commonplace on the Internet. And one of the biggest blunders you can make if to think that it will only happen to others, that if you don't do anything, you'll never have a problem. Unfortunately, it's not so simple. So how can you know if your account has been hacked?
No, it doesn't only happen to others. It just takes a spot of bad luck, and suddenly, you're one of the ones if wasn't supposed to happen to. Everyone (or nearly everyone) is likely to get hacked at some point. Even big names on the Internet can be hacked, like Apple and Yahoo. But how can you know if you've been hacked? Let's start with some basic elements:
Check if you've activated maximum security
If you're unlucky, the service you use may have been hacked, and a thief would then have access to the service's database. Service managers may contact you to explain the situation, and if you're on social media, you'll find out pretty quickly anyway.
If the target is not a business/service, things depend a little more on yourself. Have you enabled all security settings? For example, some services use a 2-step verification system. The odds of being hacked with this feature are minimized, and even if this were to happen, you would be notified. For example, Google, Facebook and Dropbox will send you a message to let you know that someone has tried to access your account from a new device.
Check how safe your password is
Of course, not all websites offer a wide range of security options. You must therefore think long and hard on the main element for confidentiality: the password. If the service is hacked, the quality of your password will not really make a difference but if you are personally targeted, it makes sense to pick a safe password.
So how can you tell if your password is secure enough? You've probably heard left, right and center that a secure password must have a mix of numbers, letters and sometimes special characters. The problem is that machines that try to figure out your password are also aware of this, so by creating a mix of these characters, you're not necessarily making the account impossible to hack, you're only making it more difficult because they'll have to test a greater number of combinations that include numbers and special characters. Bill Burr, the creator of the secured password standards, explained the problem. In short, he says to make sure you get creative with your password and make sure it's not just a single word with characters at the start or end. If your password is "Password31", you should probably consider making it a bit more complicated.
These two tips can give you an idea of the situation of your account's security but they can't tell you if you've been hacked. So how can you be sure?
Look at the symptoms
In theory, your account may have been hacked without you even realizing it. In practice, it's less obvious because if someone has bothered to get hold of your account details, they probably plan to do something with it. Either they'll use your account directly, for example change your password, purchase things from your account or send spoof mail to your contacts, or they'll use it indirectly to scrape other information they find in your account. Thus, they can use/sell your personal data, etc.
Check online if you have been hacked
If piracy is done on a large scale, you can check whether you were hacked or not. A security expert has created a list of all the victims after every known attack, and allows users to check if their account was hacked. The website is called Have I been pwned? You just have to type in your email address, and the website will tell you whether or not someone knows your password.
You can also type your password and the website tells you if it has been compromised. In both cases, the database is huge (over 300 million passwords) since it gathers hacked accounts from LinkedIn, VK, MySpace, Badoo, Dropbox and many more.
Have you ever had your account hacked? How did you know it had been hacked? Share your experiences in the comments below.
Sure, I will tell this website my password in combination with my IP address..!
The page you advise to login is insecure....!!!! WHY?
ERROR MESSAGE
This site can’t provide a secure connection
haveibeenpwned.com uses an unsupported protocol.
Can you try that again? We don't get any error message on the website. Have you tried using a different browser?
From media reports, the biggest problem along with poor passwords is using the very same password for multiple services. It's best to have a unique pw for every login. I also use different email services for serious personal / financial matters and a disposable email for news sites, etc. I've had a few alert emails from service providers with advice to change a password. The only time I was hacked was the day after a service complaint to tech support of a cable television service - that email account was hacked to send spam under my real name to the entire address list, pretty certain that was revenge from some idiot nerd at the cable company.