PDF download Download Article PDF download Download Article

Want to find out if your personal data was exposed to hackers in a security breach? Have I Been Pwned is a safe and legitimate website that can tell you if any of your passwords are compromised. Not only can you search Have I Been Pwned to find out whether your email address, username, password, or other private information is floating around the dark web, you can also receive alerts if your accounts are found in future data breaches. This wikiHow article will show you how to safely search for your accounts on Have I Been Pwned,

Part 1
Part 1 of 3:

Checking your Email Address

PDF download Download Article
  1. 1
    Type https://haveibeenpwned.com/ in your browser and hit Enter .
  2. 2
    Enter your email address into the email address box.
    Advertisement
  3. 3
    Click pwned? . This will search the database to see if your email address is in it.
    • You can also press the Enter key.
  4. 4
    Review the results. If your email address was found in a breach, then you will see red screen with the message saying, "Oh no - Pwned!" You can scroll down to see the list of data breaches and pasts that you were involved in.
    • If your email address was not involved in a data breach, then you will see a green screen that says, "Good news - no pwnage found!"
      • Just because your email address was not found does not necessarily mean that it was never involved in a data breach, it just means that it was not found in Have I Been Pwned. [1]
    • If you were involved in a breach, then you should change the password for the sites that it says that you were breached in and change the password anywhere else you used it if your password was also leaked in the breach.
    • Note that sensitive data breaches won't appear on this list. Sensitive breaches are breaches that you probably don't want anybody to know that you're in if you are in them (like the Ashley Madison breach). If you want to see sensitive breaches, then you will have to subscribe for notifications and click on the link in the verification email that you receive. [2]
    EXPERT TIP

    Brandon Phipps

    Technology Specialist
    Brandon Phipps is a Technology Specialist based in Bakersfield, CA. He is the owner of Second Star Technologies and specializes in Managed IT Services for small and mid-sized businesses in Bakersfield, CA. With over 23 years of experience, he offers expert cloud computing, cybersecurity, and network management solutions. Brandon is a committed community member and coach who leads and innovates in tech and sports coaching. His dedication to local businesses and communities is evident in his hands-on, tailored approach to IT solutions.
    Brandon Phipps
    Technology Specialist

    Regularly monitor data breach sources to stay informed about what it takes to protect your accounts. Everything online is vulnerable to hacking. Use compromised password services to detect account and password breaches. It allows you to search across multiple data breaches to see if any of your online data has been compromised.

  5. Advertisement
Part 2
Part 2 of 3:

Subscribing for Notifications

PDF download Download Article
  1. 1
    Navigate to haveibeenpwned.com .
  2. 2
    Click on the "Notify Me" tab near the top of the page.
  3. 3
    Enter your email address into the box that says, "enter your email address".
  4. 4
    Complete the CAPTCHA.
  5. 5
    Click on notify me of pwnage .
  6. Have I Been Pwned will send a confirmation email to you with a link that you have to click in order to verify your email.
  7. 7
    Open the email from Have I Been Pwned.
  8. 8
    Click on the Verify my email button. You may have to scroll down to see it.
  9. 9
    Review the results. After clicking on the verification link, you will be subscribed to receive emails if your email address is ever involved in a future data breach.
    • You will also be able to see if you have been involved in any sensitive data breaches here. Sensitive data breaches are data breaches from sites that you probably don't want anybody else to know about. For privacy reasons, these breaches will only show up on this page once you verify your email, they will not appear on the public search page. [3]
  10. Advertisement
Part 3
Part 3 of 3:

Using Pwned Passwords

PDF download Download Article
  1. 1
    Navigate to haveibeenpwned.com/Passwords .
    • You can also navigate to the home page , and then click on the "Passwords" tab at the top of the page.
  2. 2
    Enter a password into the Password box.
  3. 3
    Click pwned? .
  4. 4
    Review the results. If the password has appeared in a data breach, then a message will appear saying "Oh no - pwned!", and it will tell you how many times it has appeared before. If the password has not appeared in a data breach, then a message will appear that says "Good news - no pwnage found!".
    • If a password that you use has been pwned, then you should not use it anymore and immediately change it anywhere you do use it.
    • Just because a password wasn't found in the Pwned Passwords database does not mean that it is a good password.
  5. Advertisement

Community Q&A

Search
Add New Question
  • Question
    How does Have I Been Pwned? figure my email was compromised at some websites that I have never been to, joined, had an account with, or otherwise had any association?
    R2_d2000
    Top Answerer
    It's possible that someone else signed up for an account with your email address at these websites without your knowledge.
Ask a Question
      Advertisement

      Tips

      • You can opt-out of Have I Been Pwned by navigating to the Opt-out page and following the on-screen instructions. [4]
      • You can not find out what password was used for what email address and vice-versa. This is for security reasons, and the email addresses and passwords are not even stored together, so it would be impossible anyways. [5]
      • If you use 1Password, then all of your accounts and passwords are already checked through Have I Been Pwned with Watchtower. [6] [7]
      Show More Tips
      Submit a Tip
      All tip submissions are carefully reviewed before being published
      Name
      Please provide your name and last initial
      Thanks for submitting a tip for review!
      Advertisement

      Warnings

      • If one of your passwords has been compromised, then don't use that password anymore.
      • If one of your accounts has been compromised, then you should immediately change the password for that account and change the password on any of you other accounts that use the same password.
        • Note: You should use a different password for every account that you use. You can use a password manager or book to help you remember all of them.
      Advertisement

      About This Article

      Thanks to all authors for creating a page that has been read 34,650 times.

      Is this article up to date?

      Advertisement