Re: How to check whether your email address has been compromised?

Quote from: tranthidung on Today at 05:37:08 AM

Quote from: pakhitheboss on Today at 05:29:04 AM

First website:

Have i been pwned?

Are you safe if you enter your email address and check on that site?

I guess you will be not. It is a trap. Instead showing your email address publicly, on the forum and anywhere else, you enter it and check on that site. Are you sure that they won't keep your email address on their database and will see it to other companies?

Please make sure that:

Don't publicly show your email address.
For important accounts, allocate specific emails for those accounts and don't use them for other purposes on other platforms.
Don't self-breach your email address by arbitrarily enter your email addresses and check on any site (like what you supposed)

As far as I know, you just have to enter your email address and check their databases if your email has been breached or not. And then they have this services that will let you notify when your email has been breached.

Troy Hunt, the man behind this project:

Quote

I'm Troy Hunt, a Microsoft Regional Director and Most Valuable Professional awardee for Developer Security, blogger at troyhunt.com, international speaker on web security and the author of many top-rating security courses for web developers on Pluralsight.

https://haveibeenpwned.com/About

So pretty much he has outstanding credibility specially in the field of security.

Actually you can download the lists of passwords: https://haveibeenpwned.com/Passwords. But it is still protected by SHA-1 and NTLM hash.

Alternatively, there are a lot of independent developers who improved evolved IHBP. From, Android apps/iOS apps/Windows Phone apps/PHP libraries & sites/Python scripts and many more: https://haveibeenpwned.com/API/Consumers.

And if by any chance someone once to donate to the project, they are accepting BTC as donation: https://haveibeenpwned.com/Donate