Hot topics

How to know if your password has been hacked

AndroidPIT virus 2
© nextpit

Unfortunately, piracy has become commonplace on the Internet. And one of the biggest blunders you can make if to think that it will only happen to others, that if you don't do anything, you'll never have a problem. Unfortunately, it's not so simple. So how can you know if your account has been hacked?

No, it doesn't only happen to others. It just takes a spot of bad luck, and suddenly, you're one of the ones if wasn't supposed to happen to. Everyone (or nearly everyone) is likely to get hacked at some point. Even big names on the Internet can be hacked, like Apple and Yahoo. But how can you know if you've been hacked? Let's start with some basic elements:

Check if you've activated maximum security

If you're unlucky, the service you use may have been hacked, and a thief would then have access to the service's  database. Service managers may contact you to explain the situation, and if you're on social media, you'll find out pretty quickly anyway. 

If the target is not a business/service, things depend a little more on yourself. Have you enabled all security settings? For example, some services use a 2-step verification system. The odds of being hacked with this feature are minimized, and even if this were to happen, you would be notified. For example, Google, Facebook and Dropbox will send you a message to let you know that someone has tried to access your account from a new device.

Screenshot 20170810 154539
Some web services will notify you every time you log into your account from a new device. / © ANDROIDPIT

Check how safe your password is

Of course, not all websites offer a wide range of security options. You must therefore think long and hard on the main element for confidentiality: the password. If the service is hacked, the quality of your password will not really make a difference but if you are personally targeted, it makes sense to pick a safe password.

So how can you tell if your password is secure enough? You've probably heard left, right and center that a secure password must have a mix of numbers, letters and sometimes special characters. The problem is that machines that try to figure out your password are also aware of this, so by creating a mix of these characters, you're not necessarily making the account impossible to hack, you're only making it more difficult because they'll have to test a greater number of combinations that include numbers and special characters. Bill Burr, the creator of the secured password standards, explained the problem. In short, he says to make sure you get creative with your password and make sure it's not just a single word with characters at the start or end. If your password is "Password31", you should probably consider making it a bit more complicated.

AndroidPIT privacy 4
A password is a virtual key that opens the door to your account. © ANDROIDPIT

These two tips can give you an idea of ​​the situation of your account's security but they can't tell you if you've been hacked. So how can you be sure?

Look at the symptoms

In theory, your account may have been hacked without you even realizing it. In practice, it's less obvious because if someone has bothered to get hold of your account details, they probably plan to do something with it. Either they'll use your account directly, for example change your password, purchase things from your account or send spoof mail to your contacts, or they'll use it indirectly to scrape other information they find in your account. Thus, they can use/sell your personal data, etc.

Androidpit facebook at work 0417
Data can be exploited for a profit. © ANDROIDPIT

Check online if you have been hacked

If piracy is done on a large scale, you can check whether you were hacked or not. A security expert has created a list of all the victims after every known attack, and allows users to check if their account was hacked. The website is called Have I been pwned? You just have to type in your email address, and the website will tell you whether or not someone knows your password.

You can also type your password and the website tells you if it has been compromised. In both cases, the database is huge (over 300 million passwords) since it gathers hacked accounts from LinkedIn, VK, MySpace, Badoo, Dropbox and many more.

Have you ever had your account hacked? How did you know it had been hacked? Share your experiences in the comments below.

  nextpit recommendation Price tip Luxury version with handle Price tip with handle For Garmin fans Mid-range tip
Product
Image Withings Body Smart Product Image Renpho Smart Body Fat Scale Product Image Withings Body Scan Product Image Lepulse Lescale P1 Product Image Garmin Index S2 Smart Scale Product Image eufy Smart Scale P3 Product Image
Deals*
Go to comment (4)
Benoit Pepicq

Benoit Pepicq
Editor

Benoit is passionate about new technologies and everything related to computers. A big Android fan since 2011, he joined the AndroidPIT team to satisfy his passion and to share his knowledge on Android with readers.

To the author profile
Liked this article? Share now!
Recommended articles
Latest articles
Push notification Next article
4 comments
Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing

  • 11
    The Multiverse Aug 23, 2017 Link to comment

    Sure, I will tell this website my password in combination with my IP address..!


  • Rajeevan A. 12
    Rajeevan A. Aug 16, 2017 Link to comment

    The page you advise to login is insecure....!!!! WHY?

    ERROR MESSAGE
    This site can’t provide a secure connection
    haveibeenpwned.com uses an unsupported protocol.


    • Bastian Siewers 66
      Bastian Siewers Aug 16, 2017 Link to comment

      Can you try that again? We don't get any error message on the website. Have you tried using a different browser?


  • Albin Foro 30
    Albin Foro Aug 15, 2017 Link to comment

    From media reports, the biggest problem along with poor passwords is using the very same password for multiple services. It's best to have a unique pw for every login. I also use different email services for serious personal / financial matters and a disposable email for news sites, etc. I've had a few alert emails from service providers with advice to change a password. The only time I was hacked was the day after a service complaint to tech support of a cable television service - that email account was hacked to send spam under my real name to the entire address list, pretty certain that was revenge from some idiot nerd at the cable company.

Write new comment:
All changes will be saved. No drafts are saved when editing