How to Use Have I Been Pwned

PDF download Download Article
PDF download Download Article

Want to find out if your personal data was exposed to hackers in a security breach? Have I Been Pwned is a safe and legitimate website that can tell you if any of your passwords are compromised. Not only can you search Have I Been Pwned to find out whether your email address, username, password, or other private information is floating around the dark web, you can also receive alerts if your accounts are found in future data breaches. This wikiHow article will show you how to safely search for your accounts on Have I Been Pwned,

Part 1
Part 1 of 3:

Checking your Email Address

PDF download Download Article
  1. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/0\/03\/Have-I-Been-Pwned-Home-Page.png\/460px-Have-I-Been-Pwned-Home-Page.png","bigUrl":"\/images\/thumb\/0\/03\/Have-I-Been-Pwned-Home-Page.png\/728px-Have-I-Been-Pwned-Home-Page.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    1
    Type https://haveibeenpwned.com/ in your browser and hit Enter .
  2. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/1\/1b\/Have-I-Been-Pwned-Home-Page-Enter-Email-address.png\/460px-Have-I-Been-Pwned-Home-Page-Enter-Email-address.png","bigUrl":"\/images\/thumb\/1\/1b\/Have-I-Been-Pwned-Home-Page-Enter-Email-address.png\/728px-Have-I-Been-Pwned-Home-Page-Enter-Email-address.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    2
    Enter your email address into the email address box.
    Advertisement
  3. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/5\/55\/Have-I-Been-Pwned-Click-pwned.png\/460px-Have-I-Been-Pwned-Click-pwned.png","bigUrl":"\/images\/thumb\/5\/55\/Have-I-Been-Pwned-Click-pwned.png\/728px-Have-I-Been-Pwned-Click-pwned.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    3
    Click pwned? . This will search the database to see if your email address is in it.
    • You can also press the Enter key.
  4. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/a\/a1\/Have-I-Been-Pwned-results.png\/460px-Have-I-Been-Pwned-results.png","bigUrl":"\/images\/thumb\/a\/a1\/Have-I-Been-Pwned-results.png\/728px-Have-I-Been-Pwned-results.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    4
    Review the results. If your email address was found in a breach, then you will see red screen with the message saying, "Oh no - Pwned!" You can scroll down to see the list of data breaches and pasts that you were involved in.
    • If your email address was not involved in a data breach, then you will see a green screen that says, "Good news - no pwnage found!"
      • Just because your email address was not found does not necessarily mean that it was never involved in a data breach, it just means that it was not found in Have I Been Pwned. [1]
    • If you were involved in a breach, then you should change the password for the sites that it says that you were breached in and change the password anywhere else you used it if your password was also leaked in the breach.
    • Note that sensitive data breaches won't appear on this list. Sensitive breaches are breaches that you probably don't want anybody to know that you're in if you are in them (like the Ashley Madison breach). If you want to see sensitive breaches, then you will have to subscribe for notifications and click on the link in the verification email that you receive. [2]
    EXPERT TIP

    Brandon Phipps

    Technology Specialist
    Brandon Phipps is a Technology Specialist based in Bakersfield, CA. He is the owner of Second Star Technologies and specializes in Managed IT Services for small and mid-sized businesses in Bakersfield, CA. With over 23 years of experience, he offers expert cloud computing, cybersecurity, and network management solutions. Brandon is a committed community member and coach who leads and innovates in tech and sports coaching. His dedication to local businesses and communities is evident in his hands-on, tailored approach to IT solutions.
    Brandon Phipps
    Technology Specialist

    Regularly monitor data breach sources to stay informed about what it takes to protect your accounts. Everything online is vulnerable to hacking. Use compromised password services to detect account and password breaches. It allows you to search across multiple data breaches to see if any of your online data has been compromised.

    5. Advertisement
Part 2
Part 2 of 3:

Subscribing for Notifications

PDF download Download Article
  1. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/0\/03\/Have-I-Been-Pwned-Home-Page.png\/460px-Have-I-Been-Pwned-Home-Page.png","bigUrl":"\/images\/thumb\/0\/03\/Have-I-Been-Pwned-Home-Page.png\/728px-Have-I-Been-Pwned-Home-Page.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    1
    Navigate to haveibeenpwned.com .
  2. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/d\/dd\/Have-I-Been-Pwned-Home-Page-Click-Notify-Me.png\/460px-Have-I-Been-Pwned-Home-Page-Click-Notify-Me.png","bigUrl":"\/images\/thumb\/d\/dd\/Have-I-Been-Pwned-Home-Page-Click-Notify-Me.png\/728px-Have-I-Been-Pwned-Home-Page-Click-Notify-Me.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    2
    Click on the "Notify Me" tab near the top of the page.
  3. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/4\/4d\/Have-I-Been-Pwned-Notify-Me-page-enter-email.png\/460px-Have-I-Been-Pwned-Notify-Me-page-enter-email.png","bigUrl":"\/images\/thumb\/4\/4d\/Have-I-Been-Pwned-Notify-Me-page-enter-email.png\/728px-Have-I-Been-Pwned-Notify-Me-page-enter-email.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    3
    Enter your email address into the box that says, "enter your email address".
  4. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/f\/f8\/Have-I-Been-Pwned-Notify-Me-page-CAPTCHA.png\/460px-Have-I-Been-Pwned-Notify-Me-page-CAPTCHA.png","bigUrl":"\/images\/thumb\/f\/f8\/Have-I-Been-Pwned-Notify-Me-page-CAPTCHA.png\/728px-Have-I-Been-Pwned-Notify-Me-page-CAPTCHA.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    4
    Complete the CAPTCHA.
  5. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/c\/cf\/Have-I-Been-Pwned-Notify-Me.png\/460px-Have-I-Been-Pwned-Notify-Me.png","bigUrl":"\/images\/thumb\/c\/cf\/Have-I-Been-Pwned-Notify-Me.png\/728px-Have-I-Been-Pwned-Notify-Me.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    5
    Click on notify me of pwnage .
  6. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/c\/c8\/Open-Hotmail-Step-3-Version-3.jpg\/v4-460px-Open-Hotmail-Step-3-Version-3.jpg","bigUrl":"\/images\/thumb\/c\/c8\/Open-Hotmail-Step-3-Version-3.jpg\/aid11320932-v4-728px-Open-Hotmail-Step-3-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    Have I Been Pwned will send a confirmation email to you with a link that you have to click in order to verify your email.
  7. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/4\/43\/Open-HIBP-email.png\/460px-Open-HIBP-email.png","bigUrl":"\/images\/thumb\/4\/43\/Open-HIBP-email.png\/728px-Open-HIBP-email.png","smallWidth":460,"smallHeight":213,"bigWidth":728,"bigHeight":337,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    7
    Open the email from Have I Been Pwned.
  8. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/a\/a0\/HIBP-confirm-subscription.png\/460px-HIBP-confirm-subscription.png","bigUrl":"\/images\/thumb\/a\/a0\/HIBP-confirm-subscription.png\/728px-HIBP-confirm-subscription.png","smallWidth":460,"smallHeight":213,"bigWidth":728,"bigHeight":337,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    8
    Click on the Verify my email button. You may have to scroll down to see it.
  9. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/e\/e6\/HIBP-Verification-confirmed.png\/460px-HIBP-Verification-confirmed.png","bigUrl":"\/images\/thumb\/e\/e6\/HIBP-Verification-confirmed.png\/728px-HIBP-Verification-confirmed.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    9
    Review the results. After clicking on the verification link, you will be subscribed to receive emails if your email address is ever involved in a future data breach.
    • You will also be able to see if you have been involved in any sensitive data breaches here. Sensitive data breaches are data breaches from sites that you probably don't want anybody else to know about. For privacy reasons, these breaches will only show up on this page once you verify your email, they will not appear on the public search page. [3]
    10. Advertisement
Part 3
Part 3 of 3:

Using Pwned Passwords

PDF download Download Article
  1. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/c\/c1\/Pwned-Passwords-Page.png\/460px-Pwned-Passwords-Page.png","bigUrl":"\/images\/thumb\/c\/c1\/Pwned-Passwords-Page.png\/728px-Pwned-Passwords-Page.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    1
    Navigate to haveibeenpwned.com/Passwords .
    • You can also navigate to the home page , and then click on the "Passwords" tab at the top of the page.
  2. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/7\/7a\/Pwned-Passwords-Page-Enter-Password.png\/460px-Pwned-Passwords-Page-Enter-Password.png","bigUrl":"\/images\/thumb\/7\/7a\/Pwned-Passwords-Page-Enter-Password.png\/728px-Pwned-Passwords-Page-Enter-Password.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    2
    Enter a password into the Password box.
  3. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/c\/cb\/Pwned-Passwords-Click-pwned.png\/460px-Pwned-Passwords-Click-pwned.png","bigUrl":"\/images\/thumb\/c\/cb\/Pwned-Passwords-Click-pwned.png\/728px-Pwned-Passwords-Click-pwned.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    3
    Click pwned? .
  4. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/3\/3d\/Pwned-Passwords-review-results.png\/460px-Pwned-Passwords-review-results.png","bigUrl":"\/images\/thumb\/3\/3d\/Pwned-Passwords-review-results.png\/728px-Pwned-Passwords-review-results.png","smallWidth":460,"smallHeight":215,"bigWidth":728,"bigHeight":341,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    4
    Review the results. If the password has appeared in a data breach, then a message will appear saying "Oh no - pwned!", and it will tell you how many times it has appeared before. If the password has not appeared in a data breach, then a message will appear that says "Good news - no pwnage found!".
    • If a password that you use has been pwned, then you should not use it anymore and immediately change it anywhere you do use it.
    • Just because a password wasn't found in the Pwned Passwords database does not mean that it is a good password.
    5. Advertisement

Community Q&A

Search
Add New Question
  • Question
    How does Have I Been Pwned? figure my email was compromised at some websites that I have never been to, joined, had an account with, or otherwise had any association?
    R2_d2000
    Top Answerer
    It's possible that someone else signed up for an account with your email address at these websites without your knowledge.
    Thanks! We're glad this was helpful.
    Thank you for your feedback.
    If wikiHow has helped you, please consider a small contribution to support us in helping more readers like you. We’re committed to providing the world with free how-to resources, and even $1 helps us in our mission. Support wikiHow
    Yes No
    Not Helpful 0 Helpful 2
Ask a Question
200 characters left
Include your email address to get a message when this question is answered.
Submit
      Advertisement

      Tips

      • You can opt-out of Have I Been Pwned by navigating to the Opt-out page and following the on-screen instructions. [4]
        Thanks
        Helpful 0 Not Helpful 0
      • You can not find out what password was used for what email address and vice-versa. This is for security reasons, and the email addresses and passwords are not even stored together, so it would be impossible anyways. [5]
        Thanks
        Helpful 0 Not Helpful 0
      • If you use 1Password, then all of your accounts and passwords are already checked through Have I Been Pwned with Watchtower. [6] [7]
        Thanks
        Helpful 0 Not Helpful 0
      Show More Tips
      Submit a Tip
      All tip submissions are carefully reviewed before being published
      Name
      Please provide your name and last initial
      Submit
      Thanks for submitting a tip for review!
      Advertisement

      Warnings

      • If one of your passwords has been compromised, then don't use that password anymore.
        Thanks
        Helpful 0 Not Helpful 0
      • If one of your accounts has been compromised, then you should immediately change the password for that account and change the password on any of you other accounts that use the same password.
        • Note: You should use a different password for every account that you use. You can use a password manager or book to help you remember all of them.
        Thanks
        Helpful 0 Not Helpful 0
      Advertisement

      You Might Also Like

      5 Easy Ways to Get Around ChatGPT Security Filters
      How to
      Screen Share Crunchyroll on Discord with Friends
      How to
      Download and Install Cinema HD on Fire Stick
      Character AI: What It Is, Fixing Filters & Repeats, & More
      Starting Again on Tinder
      How to
      Use Quora
      Simple Ways to Make a GIF Your Wallpaper
      How to
      Avoid Being Banned on Soulseek
      FastPeopleSearch.com Removal: Opt Out & Delete Your Info
      7 Ways to Resolve the “Missing File Privileges” Error on Steam
      How to
      Check the TLS Version for a Website & Your Browser
      Funny, Flirty, & Creative Bumble Bios for Girls
      Simple Steps to Solve "Spotify Can't Play This Right Now"
      3 Simple Ways to Share Your Venmo Link
      Advertisement

      References

      1. https://haveibeenpwned.com/FAQs
      2. https://www.troyhunt.com/heres-how-im-going-to-handle-ashley/
      3. https://www.troyhunt.com/heres-how-im-going-to-handle-ashley/
      4. https://www.troyhunt.com/have-i-been-pwned-opting-out-vtech-and/
      5. https://www.troyhunt.com/here-are-all-the-reasons-i-dont-make-passwords-available-via-have-i-been-pwned/
      6. https://1password.com/haveibeenpwned/
      7. https://blog.1password.com/finding-pwned-passwords-with-1password/
      8. https://www.pcworld.com/article/252024/create_a_different_secure_easy_to_remember_password_for_every_site.html
      9. https://www.howtogeek.com/141500/why-you-should-use-a-password-manager-and-how-to-get-started/

      About This Article

      Thanks to all authors for creating a page that has been read 33,835 times.

      Is this article up to date?

      Advertisement