Have I Been Pwned, the website that tracks compromised passwords, has announced that it will now work with the FBI to include any hacked and stolen passwords found in its investigations.
Stolen passwords have become big business over the years, with criminals selling them in bulk, with financial log-in details especially commanding a high price.
This extra source of passwords is excellent news for the security conscious, which should be every one of us.
How Will Have I Been Pwned and the FBI Work Together?
HaveIbeenpwned.com has long since been an invaluable resource for anyone wanting to ensure that their password is secure, as it’s effectively an online database of passwords that have been comprised. Users can enter their email address, and see if they’ve been the victim of any data leaks and hacks.
Troy Hunt, the creator of Have I Been Pwned, announced on his blog that the site will now work with the FBI, which will share with the website any compromised passwords directly with the site that have been uncovered during its investigations.
“We are excited to be partnering with HIBP on this important project to protect victims of online credential theft. It is another example of how important public/private partnerships are in the fight against cybercrime,” said Bryan A. Vorndran, Assistant Director, Cyber Division, FBI.
As for when this will happen, well, it could be a little way off. On his blog, Hunt stated that the implementation of this new feed from the FBI would need some dedicated coding, and, in his own words said, “If I’m completely honest, I don’t have all the answers on how things will proceed from here,” appealing to coders in the community to help him build the required system.
How Can I Keep my Passwords Safe?
The average person has to remember over 100 passwords, so it’s no wonder that sometimes we get a bit sloppy and let our standards drop, such as using the same one across multiple sites. However, this small lapse in best practice could end up costing you big – if someone gets hold of your password for Amazon, let’s say, it also means that they could be holding your password for your bank account, social media and more, and the damage they could wreak is potentially huge.
Here are a few pointers to make sure that your password is secure as possible:
- It goes without saying, but don’t be tempted to use the same password across multiple sites
- Get into the habit of checking haveibeenpwned.com regularly to ensure that your details haven’t been comprised
- Devise a strong system for creating passwords – we’ve got a few suggestions
- Don’t share your passwords – no, not even your Netflix one
- Enable 2-Step verification where possible
- Invest in a password manager
Should I Use a Password Manager?
With so many passwords to remember, a password manager can really take a weight of your mind when it comes to creating and remembering passwords. With one, logging into a website is as simple as clicking a button, and many will also suggest new passwords for you, or just create them outright. No more relying on the name of your first pet (‘Snuggles’ just isn’t going to cut it anymore). Some even alert you when your password has been comprised in a leak, letting you act fast.
For just a few dollars a month, we think that a password manager is well worth the money. Of course, there are also free options, but you’ll likely out grow their restrictions pretty quickly. Many password managers include a free trial, so you can give them a go before spending a cent.
| Local Storage Option | Two-Factor Authentication | Failsafe Function | Password Generator Function A password manager can create secure, complex passwords for you. You won't need to remember them yourself. | Help Instructions | Email Support | Live Chat Support | Phone Support | Price | Business Plan? | Business Price Cheapest available business plan | Click to Try | ||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| FEATURED  | TOP PICK  |  |  |  | |||||||||
| NordPass | LastPass | Dashlane | Sticky Password | ||||||||||
| | | | | | |||||||||
| | | | | | |||||||||
| | | | | | |||||||||
| | | | | | |||||||||
| | | | | | |||||||||
| | | | | | |||||||||
| | | | | | |||||||||
| | | | | | |||||||||
| $1.69/month | $2.40/month | $8 per user/month | $19.99 per year | ||||||||||
| | | | | | |||||||||
| $19.95/10 users | $2.51 user/month | $3.20/user/month | $60/user | $29.99/user/year | |||||||||
| Try 1Password | Try NordPass | Try LastPass | Try Dashlane | Sticky Password |
If you click on, sign up to a service through, or make a purchase through the links on our site, or use our quotes tool to receive custom pricing for your business needs, we may earn a referral fee from the supplier(s) of the technology you’re interested in. This helps Tech.co to provide free information and reviews, and carries no additional cost to you. Most importantly, it doesn’t affect our editorial impartiality. Ratings and rankings on Tech.co cannot be bought. Our reviews are based on objective research analysis. Rare exceptions to this will be marked clearly as a ‘sponsored’ table column, or explained by a full advertising disclosure on the page, in place of this one. Click to return to top of page
