Find out if your password has been pwned—without sending it to a server

by
Jon Brodkin
from Ars Technica - All content on (#3GKV5)
getty-key-800x541.jpg

Enlarge / Key on digital display (credit: Getty Images | D3Damon)

A new system that securely checks whether your passwords have been made public in known data breaches has been integrated into the widely used password manager, 1Password. This new tool lets customers find out if their passwords have been leaked without ever transmitting full credentials to a server.

Security researcher Troy Hunt this week announced his new version of "Pwned Passwords," a search tool and list of more than 500 million passwords that have been leaked in data breaches. Users can access it online and developers can connect applications to it via an API.

Within a day, the company AgileBits had integrated Hunt's new tool into the 1Password password manager. AgileBits' announcement describes how it works:

Read 20 remaining paragraphs | Comments

index?i=QkIR8Rpobcg:gjthm6sjiA8:V_sGLiPB index?i=QkIR8Rpobcg:gjthm6sjiA8:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments