Have I Been Pwned?

Remember when you were a teenager, and signed up for your first online service ever? Do you remember the password you used? You probably don’t, but the internet might.

Chances are that, throughout your life, you’ve used an online service that has been subject to attacks, with malicious users being able to obtain confidential information like your password. I’m going to make it personal here: my email address has been seen in at least ten public security breaches, including incidents involving trustworthy companies like LinkedIn and Dropbox.

How do I know?

I use a very useful service called haveibeenpwned.com (HIBP), created by Troy Hunt, an Australian web security expert. The site collects information about public data breaches and allows you to see whether your personal information was in any of these breaches. There’s no shame in being involved in one of these data breaches, as it’s not really your fault. This is, for example, the result of looking up the email address of Larry Page, one of Google’s co-founders: