During the Spring Festival, I suddenly received several QQ security verification codes. I don’t know if someone tried to steal the account, or I already knew the password. Fortunately, the device login verification was turned on.
In the past, people often tried to log in to my Steam and Google accounts, and every time I changed the password for security reasons. In fact, password security is a cliché topic. We all know that we should not use weak passwords, different websites, and applications should not use the same password, but most people still use simple passwords for convenience and easy memory.
The database security factor of some websites is relatively low. The password of your registered account is not encrypted in the database, but is displayed in plain text. If the website is attacked and the database authority is obtained, then your account password is at risk of being leaked, which has also appeared before. Password leaks from websites such as Tya/Yku/CSDN. Then the illegals used this password to hit the credential on other websites.
If you are already worried that your account password has been leaked, today Pan Xianren will share with us some methods to check whether the password is leaked.
Firefox Monitor Firefox Monitor is a free online tool launched by Firefox to detect whether an account has been leaked. Just enter your email account to check whether the account has been leaked data. In addition, you can subscribe to the security push, so that you can be the first time Know that the website leaks.
Share 5 ways to check whether your password is leaked, with corresponding security measures – the principle of Pan Xianren is that when you enter your email account, Firefox Monitor will automatically query the website that has leaked the database to see if your account has been registered. website.
Visit: https://monitor.firefox.comHaveIbeenPwned This website, Have I been pwned, has entered the list of database leaks that have been published on the Internet in recent years. Similarly, you only need to enter your commonly used registered email address/mobile phone number to query. The website will match against the database to tell you whether the account you use has security risks.
Share 5 ways to check whether your password is leaked, with corresponding security measures – if the Panxianren query result is displayed in green, it means that your account is not displayed in the leakage database, if it is displayed in red, it will be found. How many duplicate account information.
Visit: https://monitor.firefox.comEdge/Google If you are accustomed to using Edge’s own password management to record account passwords, the password security in the settings will also prompt the relevant leaked account passwords, which site can be seen. What password is leaked, if you think it has not been leaked, you can also click the ignore button around it.
Share 5 ways to check whether your password is leaked, with corresponding security measures – the password manager of Pan Xianren in Google browser will also display your leaked account password, enter Settings – Automatic Fill – Password – Check Password – Click Check the start scan.
Share 5 ways to check whether your password is leaked, with corresponding security protection measures-panxianren online detection: passwords.google.comIntelligence X This Intelligence X website shows that 13 billion pieces of data have been entered. In addition to supporting email account queries, it also supports Support website, IP address, CIDR, Bitcoin and other leak queries, with advanced custom search function.
Share 5 ways to check whether your password is leaked, with corresponding security protection measures – Pan Xianren, but there may be too much data entered, and the result matching is a bit vague, but it can also be used as a reference, and it is recommended to check it again.
Visit: https://intelx.ioDehashed network security company Dehashed online query tools, collected more than 10 billion pieces of information, cover a lot of data, support user name, email, address, support regular expression and other methods to query .
Share 5 ways to check whether your password is leaked, with corresponding security protection measures – Panxianren search results are the same as Intelligence X, and the amount of information covered is more. If you are not only worried about password leakage, but also about privacy, etc. Can look up.
Visit: https://www.dehashed.com The above is the most reliable search password leakage website/method at present. There are many similar search websites, but some websites may search for too little information due to too little information. Not the information you have leaked.
In addition, there is another type of website that can directly enter your password to check whether it has been leaked, but the immortals here do not advocate it, the risk is very high.
Password protection skills, password security common sense is not to say, we all know to use complex passwords, do not need a password, and so on. Here are some other tips to share with us.
1. Don’t leave emails at will: leave your email address, ID, and phone number at will on the Internet, it is very likely that someone will go to the database to check your associated website password.
2. Register multiple email accounts: Unimportant and unreliable websites use alternate email addresses to register accounts. If you can, try not to register.
3. Open multi-authentication: Most of the mainstream social software and mailboxes now support multi-identity/two-step authentication. You can log in only after entering mobile phone text messages, verification codes, and dynamic passwords.
4. Use password management software: Using password management software can also improve security, here Pan Xianren advocates local password management software priority, such as: KeePass, BitWarden, Enpass and other free software.
5. Prevent fake websites: I believe we have all seen some reports of fake SMS website links. Some illegal elements have induced you to log in to fake websites to obtain your password. So before logging into some websites, be sure to make sure that the website is an official website.
6. WIFI passwords are equally important: someone with a heart will steal your WIFI account and then link to your home network. By sniffing and capturing packets, some related account passwords may be obtained, so your WIFI account password is safe. It also needs to be improved, and it is recommended to hide the WIFI name directly. Now most routers have this function.
7. Prevent hypocrisy software: A long time ago, there were many hacking software that pretended to be a social soft login interface. They recorded your password through the method of keyboard recording and then uploaded it to the designated server. Although there are many fewer now, most antivirus software can also defend against it. , but beware of the same.
It is concluded that most of the stolen passwords of users are mainly due to the lack of network security protection awareness and self-protection awareness. It is hoped that this article can improve the security concept of network users.
Oh, by the way, some users are not stolen, but they keep forgetting their passwords, and I am talking about myself.

 

春节的时候突然收到几条 QQ 的安全验证码,不知道是否有人试图盗号,还是已经知道密码了,幸好开启了设备登录验证。

在之前也经常有人试图登录我的 Steam、Google 账号,每次为了安全起见我都会重新修改密码。其实密码安全是个老生常谈的话题了,都知道不应该用弱口令、不同网站、应用不要用统一的密码,但是大多数人为了图方便好记,还是会用简单的密码。

有些网站的数据库安全系数比较低,你注册的账号密码在数据库里面并没有采用加密,
直接明文显示,如果网站被攻击拿到了数据库权限,那么你的账号密码就有被泄漏的风险,之前也出现过T涯/Y酷/CSDN等网站密码泄露事。然后非法分子用了这份密码在别的网站上撞库。

如果你已经担心账号密码被泄漏,今天盘仙人就给大家分享查看密码是否泄露的一些方法。

Firefox Monitor

Firefox Monitor 是火狐浏览器推出的在线免费检测账号是否泄露的工具,只要输入你的邮箱账号就可以查询该账号有没有被泄露过数据,另外还可以订阅安全事推送,让你第一时间知道网站泄漏事。

分享 5 种查看你的密码是否泄露的方法,附对应的安全保护措施-盘仙人

原理就是当你输入邮箱账号后 Firefox Monitor 会自动查询已经泄露数据库的网站,看你的账号是否注册过该网站。

访问:
https://monitor.firefox.com

HaveIbeenPwned

这个 Have I been pwned 网站收录了最近几年被公布在网络上的数据库泄漏名单,同样只需要输入你常用的注册邮箱地址/手机号码进行查询。网站就会根据数据库进行匹配告诉你,你使用的账号是否存在安全隐患。

分享 5 种查看你的密码是否泄露的方法,附对应的安全保护措施-盘仙人

查询结果如果显示为绿色,表示你的账号并没有出现在泄漏数据库中,如果出现的是红色,会出现发现了多少个重复的账户信息。

访问:
https://monitor.firefox.com

Edge/Google

如果你习惯了用 Edge 自带的密码管理来记录账号密码,在设置里面的密码安全也会提示相关泄漏的账号密码,优点可以看到哪个网站泄漏的什么密码,如果你觉得没被泄漏,也可以点击旁边的忽略按钮。

分享 5 种查看你的密码是否泄露的方法,附对应的安全保护措施-盘仙人

在 Google 浏览器的密码管理器同样会显示你泄漏的账号密码,进入设置 – 自动填充 – 密码 – 检查密码 – 点击检查开始扫描。

分享 5 种查看你的密码是否泄露的方法,附对应的安全保护措施-盘仙人

在线检测:
passwords.google.com

Intelligence X

这个 Intelligence X 网站表示收录了 130 亿条数据,除了支持邮箱账号查询外,还支持网站、IP 地址、CIDR、比特币等泄漏查询,拥有高级自定义搜索功能。

分享 5 种查看你的密码是否泄露的方法,附对应的安全保护措施-盘仙人

不过可能收录的数据太多,搜索出来的结果匹配有点含糊,但是也能作为参考吧,建议也查询一遍。

访问:
https://intelx.io

Dehashed

网络安全公司 Dehashed 在线查询工具,收集了一百多亿条信息,覆盖的数据量非常多,支持用户名、邮箱、地址、支持正规则表达等多种方式查询。

分享 5 种查看你的密码是否泄露的方法,附对应的安全保护措施-盘仙人

搜索结果同样和 Intelligence X 类似,覆盖的信息量比较多,如果你不仅担心密码泄漏,还担心隐私啥的,也可以查询看看。

访问:
https://www.dehashed.com

以上就是目前比较靠谱点的查询密码泄漏网站/方法了,同类的查询网站还有非常多,但是一些网站由于收录的信息量太少,或许搜不到你已经泄漏的信息。

另外还有一类网站
可以直接输入你的密码查询是否被泄漏,但是这里盘仙人不建议哦,风险非常大。

保护密码技巧

密码安全常识就不多说了,都知道要用复杂的密码、不要一个密码行天等。这里给大家分享一些其它的小技巧吧。

1.不要随意留邮箱:在网络随意留你的邮箱地址,ID、电话,这很有可能被人去撞库查询你相关联的网站密码。

2.注册多个邮箱账号:不重要、不可靠的网站用备用邮箱注册账号,能不注册的尽量不要注册。

3.开启多重验证:

现在主流的社交软、邮箱大多数都支持多重身份/双步验证,可以通过输入手机短信、验证码、动态密码的方式后才能登录。

4.使用密码管理软:用密码管理软也可以提高安全性,这里盘仙人建议本地密码管理软优先,例如:KeePass、BitWarden、Enpass 等免费软。

5.防范虚假网站:相信大家都看过一些虚假短信网站链接的报道了吧,一些非法分子通过诱导的方式让你登录虚假的网站从而获得你的密码。所以登录一些网站前,一定要先确保网址是否官方网站。

6.WIFI密码同样重要:
有心人会盗取你家的 WIFI 账号后链接上你家的网络,通过嗅探抓包的方式可能会获取到一些相关的账号密码,所以你家的 WIFI 账号密码安全性也需要提高,建议直接隐藏掉 WIFI 名称,现在大多数路由器都有这个功能了。

7.防范虚假软:
在很久前不少伪装社交软登录界面的盗号软,通过键盘记录的方式记录你的密码然后上传到指定的服务器里,虽然现在少很多了,大多数杀毒软也能防御,但同样要预防。

总结

大部分用户密码被盗多是因为缺少网络安全保护意识以及自我保护意识,希望通过本文可以提高网络用户的安全观念。

噢,对了,有些用户不是被盗,而是自己老忘记密码,说的就是我自己。

不查不知道 一查吓死宝宝了 赶快用 Firefox Monitor 检查你的密码是否被盗

发表评论

后才能评论