top | item 46760292

(no title)

So I just searched my email on HIBP again. Most of the leaks I see there were from old websites I hardly cared about securing from many years ago. But, in general, how do I find out what has actually been leaked (if it's not website specific)?

I'm not going to change all of my passwords every time a random website that I used briefly ten years ago leaks my low effort password.

discuss

edgineer|1 month ago

There are sites for searching for your (or anyone else's) publicly revealed information, but the one free one I knew of was forced offline.

Downloading the datasets--there are so many with so few options to obtain them. The mega-compilations likely won't include everything, either, like your license plate numbers or all your compromised addresses, nor the site from which hackers stole it.

So basically don't bother. If you want the same experience, open up notepad, HIBP, and your password manager, and make a little doxx file on yourself, in CSV or JSON.

LeifCarrotson|1 month ago

You shouldn't have to change any passwords on other sites because you shouldn't be reusing passwords.

consp|1 month ago

I use separate emails for all accounts and that get's me in trouble when companies "consolidate" accounts because "everyone uses the same email for all accounts". Your good idea might be true, practice is not.

I've had this twice now in one year ...

Saris|1 month ago

Each site should ideally have a unique password so you only need to change that one.

conartist6|1 month ago

Exactly! Then you write each password down in your notebook of passwords and pat yourself on the back for how hard it would be to compromise all your accounts in one go ;)