• How to see my password found in a data breach


    • This topic has 10 replies, 3 voices, and was last updated 4 months ago.
    #2418711

    I use a service of H&R Block called Tax Identity Shield. From time to time they send me email notifications of alerts if accounts I have registered with that service are found in data breaches. Sometimes the breach occurred several years ago but was just discovered and sometimes the breach occurred recently. Most of the time the alert indicates that my email address was found and most of the time it says the password was found. I don’t think this means the password for my email account was in the breach but rather some account for which I used my email address as the user name was found. See attachment 1. Next to “PASSWORD FOUND” there is a little circle with a lower case i in it. If you click that you see the message shown in attachment 2. I understand the logic of not showing my password but on the other hand if I were able to see the password, I could search for it in my password file and if I find it I know for sure I want to change that password. I have about 400 entries in my password file and most of them use my email address as the user name. It is not practical to change the password for all those accounts every time I get one of these alerts. My password file prompts me to change passwords once a year and even that is a daunting task. Does anyone know if there is a service that would allow one to see the password that was found in a data breach by entering your email address and then receiving an email from the service and click a link in that email?

    Tax-Identity-Shield-Notification-1

    Tax-Identity-Shield-Notification-2

    Thanks,
    Don

    1 user thanked author for this post.
    • #2418723

      Not sure if this is what you’re looking for, but check out these two sites for email and password breach confirmations:

      https://haveibeenpwned.com

      https://haveibeenpwned.com/Passwords

      HTH/Chuck

      • #2418960

        I tried the second link provided by anonymous but the file I downloaded is a Torrent file and 7zip doesn’t open it. Doing a search on the web it says I need to install an app like uTorrent. Is that correct? I have never used Torrent files before. All I know about them is one of my coworkers at my last job used Bit Torrent to download pirated copies of movies, which I have never done.

        Don

        • #2419083

          The second link is a site where you enter your password and it will be checked for you. No need to download the data file.
          Passwords you enter are not sent to HIBP – see this post.

          cheers, Paul

        • #2419270

          Damn, I forgot to log in before my last reply. Hopefully the moderator will post my reply under my login, Snoopdon.

        • #2419268

          I have over 400 accounts. Entering my password for each account into this web page would take me days or weeks. If I can download the file and run an algorithm to compare it to my password file to find matches that would be much more efficient. Can someone just answer my question instead of giving answers I didn’t ask for?

          Thanks,
          Don

        • #2419556

          Be nice, we are all volunteers here.

          cheers, Paul

          2 users thanked author for this post.
        • #2420167

          My bad, let me try again.

          I have over 400 accounts. Entering my password for each account into this web page would take me days or weeks. If I can download the file and run an algorithm to compare it to my password file to find matches that would be much more efficient. Can someone on this forum provide me with the procedure for opening the file that I downloaded from this page? That is what I would like. https://haveibeenpwned.com/Passwords

          Thanks,
          Don

        • #2420633

          The data file is a list of hashes so you need to hash the password, test/search, return for each password.

          Others have done this work for you via the HIBP API.
          https://github.com/GideonLeGrange/haveibeenpwned

          Or you can download the file and run a (very slow on 10GB) search using PowerShell.
          https://tfl09.blogspot.com/2017/08/creating-sha1-hash-using-powershell.html

          cheers, Paul
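
Added example, not part of the original posts or of the linked projects: the "hash the password, then search" procedure described above, done as one pass over the hash list for all accounts at once, so the large file is read only once. It assumes the downloaded file holds one `SHA1HEX:COUNT` entry per line; `find_breached`, the sample accounts and the file name in the comment are hypothetical.

```python
import hashlib
from typing import Dict, Iterable, List


def sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1 of the UTF-8 password (assumed hash-file format)."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def find_breached(accounts: Dict[str, str], hash_lines: Iterable[str]) -> Dict[str, int]:
    """Return {account label: breach count} for passwords present in hash_lines.

    accounts   -- label -> password, e.g. loaded from a password-manager export
    hash_lines -- lines of the form HASH:COUNT (assumed layout of the download)
    """
    # Hash each password once; several accounts may share one password.
    wanted: Dict[str, List[str]] = {}
    for label, password in accounts.items():
        wanted.setdefault(sha1_hex(password), []).append(label)

    hits: Dict[str, int] = {}
    # Single pass: each line costs one dictionary lookup, however many accounts.
    for line in hash_lines:
        digest, _, count = line.strip().partition(":")
        for label in wanted.get(digest.upper(), ()):
            hits[label] = int(count) if count.isdigit() else 0
    return hits


# Constructed sample data (not real accounts, not taken from the real file).
SAMPLE_ACCOUNTS = {
    "shop.example": "password",
    "forum.example": "password",          # reused password
    "bank.example": "k9#Vt2!qLm8@xR4z",   # absent from the sample hash list
}
SAMPLE_HASH_LINES = [
    sha1_hex("123456") + ":42",
    sha1_hex("password") + ":17",
    sha1_hex("qwerty") + ":5",
]

if __name__ == "__main__":
    # For the real download, pass an open file handle instead of the sample list,
    # e.g. open("pwned-passwords.txt", encoding="ascii")  (hypothetical file name).
    results = find_breached(SAMPLE_ACCOUNTS, SAMPLE_HASH_LINES)
    for label, count in sorted(results.items()):
        print(f"{label}: password seen {count} times, change it")
```

Only account labels and counts are reported, never the passwords themselves, and nothing leaves the machine.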

    • #2418735

      I see no value in changing your passwords regularly. Change one if it has been compromised.

      Use long and strong passwords that are unique for each site. Then any compromise will not affect your other logins.

      It is also worth using email aliases instead of your actual email in an attempt to limit spam. I use e4ward for mine, but very occasionally some (clever) website programmers “verify” the email address and refuse to accept it – probably because it has 2 dots in it (anon@you [dot] e4ward [dot] com).

      cheers, Paul

      1 user thanked author for this post.
      • #2418907

        e4ward

        very interesting service thanks Paul

        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.