In my last post about password managers, I mentioned that sometimes a database containing user information gets leaked within a data breach.
These databases are often sold for extra profit, or because the hacker which leaked it has not enough computing power to crack the hashes efficiently.
https://haveibeenpwned.com/ helps you check if any of your accounts are affected by a breach, by simply entering your email. You can either check manually or sign up for notifications on data breaches which affect your email.
What to do and expect if you have been pwned?
- Change your password immediately at the affected service
- In case you use that email/password combination anywhere else, you have to change your password there too
- You will be targeted by spam mail and there is nothing you can do about it, except relying on your spam filter
In case you don't know how to store your passwords efficiently, check out my post on password managers