Day 3: Check for Leaked Passwords

Why Checking for Leaked Passwords is Important

When a company is hacked, its stored usernames and passwords can be leaked online. Hackers use these leaked credentials to try logging into other accounts—a tactic known as credential stuffing.

By checking whether your passwords have been exposed in a data breach, you can change them before hackers exploit them.

Step 1: Use Bitwarden’s Data Breach Report

Bitwarden provides a Data Breach Report feature that checks if your email addresses have been involved in known breaches.

How to Check for Leaked Passwords in Bitwarden:

  1. Open Bitwarden (the website), login and go to Reports → Data Breach.
  2. Enter your email addresses.
  3. Bitwarden will list any breaches associated with your email.
  4. For each compromised account, change the password immediately (see Step 3).

🔹 Tip: If you find breached accounts you no longer use, consider deleting them instead of securing them.

Step 2: Use Have I Been Pwned (HIBP)

Have I Been Pwned is a widely-trusted tool for checking whether your email or password has appeared in a data breach.

How to Check for Breaches:

  1. Visit https://haveibeenpwned.com/.
  2. Enter your email address and check for breaches. (Don’t worry - this is safe)
  3. If your email is found in breaches, change the passwords for affected accounts and any other accounts that use the same password

Step 3: Change Compromised Passwords

For any account with a leaked password:

  1. Log into the affected account.
  2. Change the password to a new, strong, unique password (use Bitwarden’s password generator).
  3. Enable Two-Factor Authentication (2FA) if possible.
  4. Update your saved login in Bitwarden.

You should also consider other accounts that use the same email and password combination. Concentrate on the most important accounts first.

Next Steps

Tomorrow’s task will focus on simplifying your browser setup, and will be a lighter day.

Action for Today: Run a breach check on your main email addresses and update any compromised passwords!

🔒 Stay ahead of hackers—check and update regularly!

Month of Security
Day 3: Check for Leaked Passwords
http://comicmuse.net/p/c906788cd7674cb98be27c4bff29e3b6/
Author
comicmuse
Posted on
March 2, 2025
Licensed under