Have I been Pwned - check your email address

[Macca]

It's not the 'You've been pwned' message you need to be concerned about. When you see 'All your base are now belong to us' - that's when you need to worry...

[Mark Grant]

Not involved in any of the named sites, which had security breaches. Thing is I don't trust these 'issue' search sites either so I am not putting my details into it.

Always good to be careful although I wouldn't post anything that was dodgy in any way.

The site is by Troy Hunt, one of the good guys that makes life harder for hackers.

https://haveibeenpwned.com/About

http://www.troyhunt.com/2016/01/the-...d-on-data.html

By exposing when data has been breached Troy devalues that data dump as people will start changing passwords and email addresses so the data becomes old very quickly and has little value.

[Mark Grant]

Another really big data breach revealed on that site today, one of my wifes email addresses and passwords is in the list.

https://www.troyhunt.com/password-re...-i-been-pwned/

https://haveibeenpwned.com/

[Dynamics]

It came up for me that I've been hacked from LinkedIn due to a security breach. But to be honest I think this is always going to happen and someone somewhere in the government probably knows what I'm writing anyway. So I don't really care and give it a moments thought if someone gets their kicks off of this. My stuff is probably way too boring anyway.

[AlexM]

The real security issue is that it is in human nature to re-use passwords. So if you say, used the same email address for your amazon account, ebay etc, tesco, electronic banking etc. with the same password, someone can 'legitimately' access your account by trying to log into other sites with the user id and password that they have from another account. A quick change of delivery address and account email/password combo and you can go shopping.

Worse still, sometime more than just an email address and password are on these lists - your real name, address, date of birth etc can also be misused to sign you up to services, pass credit checks etc.

Its all a bit of a minefield, but what you should think about using is a password manager like Roboform 8: it acts as a safe repositiory storing all login details securely, and it allows generation of random, hard to guess passwords that are unique to each website, as well as automating the login process. It also replicates between computers, phones etc seamlessly so your passwords are always available to you. Of course, the password store needs to be protected by a difficult to crack password, but it does enable you to use a much more secure method of navigating websites.