Have I Been Pwned, the website that tracks compromised passwords, has announced that it will now work with the FBI to include any hacked and stolen passwords found in its investigations.
Stolen passwords have become big business over the years, with criminals selling them in bulk, with financial log-in details especially commanding a high price.
This extra source of passwords is excellent news for the security conscious, which should be every one of us.
How Will Have I Been Pwned and the FBI Work Together?
HaveIbeenpwned.com has long since been an invaluable resource for anyone wanting to ensure that their password is secure, as it's effectively an online database of passwords that have been comprised. Users can enter their email address, and see if they've been the victim of any data leaks and hacks.
Troy Hunt, the creator of Have I Been Pwned, announced on his blog that the site will now work with the FBI, which will share with the website any compromised passwords directly with the site that have been uncovered during its investigations.
“We are excited to be partnering with HIBP on this important project to protect victims of online credential theft. It is another example of how important public/private partnerships are in the fight against cybercrime,” said Bryan A. Vorndran, Assistant Director, Cyber Division, FBI.
As for when this will happen, well, it could be a little way off. On his blog, Hunt stated that the implementation of this new feed from the FBI would need some dedicated coding, and, in his own words said, “If I'm completely honest, I don't have all the answers on how things will proceed from here,” appealing to coders in the community to help him build the required system.
How Can I Keep my Passwords Safe?
The average person has to remember over 100 passwords, so it's no wonder that sometimes we get a bit sloppy and let our standards drop, such as using the same one across multiple sites. However, this small lapse in best practice could end up costing you big – if someone gets hold of your password for Amazon, let's say, it also means that they could be holding your password for your bank account, social media and more, and the damage they could wreak is potentially huge.
Here are a few pointers to make sure that your password is secure as possible:
- It goes without saying, but don't be tempted to use the same password across multiple sites
- Get into the habit of checking haveibeenpwned.com regularly to ensure that your details haven't been comprised
- Devise a strong system for creating passwords – we've got a few suggestions
- Don't share your passwords – no, not even your Netflix one
- Enable 2-Step verification where possible
- Invest in a password manager
Should I Use a Password Manager?
With so many passwords to remember, a password manager can really take a weight of your mind when it comes to creating and remembering passwords. With one, logging into a website is as simple as clicking a button, and many will also suggest new passwords for you, or just create them outright. No more relying on the name of your first pet (‘Snuggles' just isn't going to cut it anymore). Some even alert you when your password has been comprised in a leak, letting you act fast.
For just a few dollars a month, we think that a password manager is well worth the money. Of course, there are also free options, but you'll likely out grow their restrictions pretty quickly. Many password managers include a free trial, so you can give them a go before spending a cent.
Local Storage Option
Password Generator Function
A password manager can create secure, complex passwords for you. You won't need to remember them yourself.
Live Chat Support
Overall cost per year for a single user.
Cheapest available business plan
Click to Try
BEST ON TEST
Tech.co is reader-supported. If you make a purchase through the links on our site, we may earn a commission from the retailers of the products we have reviewed. This helps Tech.co to provide free advice and reviews for our readers. It has no additional cost to you, and never affects the editorial independence of our reviews. Click to return to top of page