Pwned Passwords was or still is a database where you can check if you’re passwords/ identity is leaked on the internet or not, the database and website is maintained by an (ex?) MVP Microsoft employee and can be trusted since it doesn’t collect any information you type in. The website is also mentioned in my own POTARC list.


Check if your passwords are compromised or if someone else uses your Account

The database is very easy to use, just type-in your Twitter, GMail, Facebook,.. eMail/Account or Password and the database will search if there is an entry for it, if there is one you get a result back if you’re account/password is compromised or not. Of course, even if there is no hit it doesn’t mean it couldn’t be abused anyway because the database is far from complete and it never will be but it integrates lots of leaked information which it checks against.

Database upgrade from 5,3 to 8,8 GB

The first version (Aug. 2017 checked) had 5,3 GB and version 2 now includes 8,8 GB which is really a massive database now, a bigger database means that it checks against more known vulnerable services/leaks.

In case you want to generate secure (or more secure) passwords you could use a password manager like KeePass or just generate secure passwords with the Pwned Passwords site. In case you want manually inspect the Database - this is possible however, you require a Large File Viewer and an SHA-1 Hash Tool to do that the databases are downloadable via torrent or as direct link packed via 7-zip.

People still using weak passwords for no reason

There is no reason to use weak passwords, maybe a lot of the folks out there using weak passwords because they’re too lazy to use password manager programs or too ignorant to see the possible risk. The login you use is only as secure as the password you choose and writing it down on a paper can also already help, it’s not that there are several options you could use like: Paper, SmartPhone, Password Manager, your Brain or external hardware like a YubiKey.

Generating strong passwords is easy, just use a sentence like: Ilikecheck-kochsblogandIstartedtofollowim2017 this is an example and you can easily remember it, just remember the sentence.