Greetings, weary tech[no] traveler!
Breached databases are a common occurrence in this digital age we live in. Login credentials are leaked onto the internet all the time. Adobe, Snapchat, and Domino's Pizza are just a few of the countless companies and institutions that had their customers' account information stolen, including usernames, email addresses, and passwords (more like password hashes). At the beginning of 2015 many customers of companies such as Intuit (known for its TurboTax software) and the University of Oregon became data breach victims. Victims are rarely notified that their data has been compromised and is available to anyone on the internet, often for long periods of time. This is the polar opposite of good!
Despair not! There is a website that will tell you if your email address was found in a leaked user credentials database. It's called haveibeenpwned.com. It's a pet project of a heavyweight champion in the world of web security, Troy Hunt. Just enter an email address. The site will check its database of breached sites and return its results to you.
You're probably thinking "Wait a sec... I bet whoever is running this site is harvesting email addresses! Why should I believe the Tech[no] Survival Guide?" You don't have to believe me. Check out the details for yourself.
Not only does haveibeenpwned check a single email address through its web interface, it also provides a handy API. So you can write your own programs that use this awesome service, which is what I did. I wrote a handy Python script, called checkpwnedemails, that is capable of checking a single email address or multiple email addresses right from your command line interface. It can also write the results to a (tab delimited) text file, which can be useful for reports or for storing in a database for later analysis. It's free (as in, free beer) and open source. You can get a copy of it from here.
To use checkpwnedemails, you need to have Python 2.7 (or greater) installed on your computer.
To check a single email, type the following command:
python checkpwnedemails.py -s <email_address>
To limit the results to breached websites:
python checkpwnedemails.py -b -s <email_address>
To limit the results to login credentials found in paste sites (such as pastebin):
python checkpwnedemails.py -t -s <email_address>
To check multiple email addresses, provide a text file listing the email addresses you wish to check (one address per line):
python checkpwnedemails.py -i <list_of_email_addresses>
If you want the results to only contain email addresses that were pwned, pass the -p option, like this:
python checkpwnedemails.py -p -i <list_of_email_addresses>
Of course, the -b and -t options can be used as well.
If you want to print the results to a (tab delimited) text file:
python checkpwnedemails.py -i <list_of_email_addresses> -o <name_of_output_file>
If you did not provide the -b or -t option, then two files (one for breaches and one for pastes) will be created by default.
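The -i option above expects a text file with one address per line. The following added example (not part of checkpwnedemails or of the original post) builds such a file from a messy contact export by extracting, lower-casing and de-duplicating the addresses; the sample text, the file name addresses.txt and the function names are constructed for illustration.

```python
# Added example: build the one-address-per-line file that the -i option expects.
# The sample text and the file name addresses.txt are constructed for illustration.
import re

# Pragmatic pattern: local part, "@", and a domain containing at least one dot.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

SAMPLE_EXPORT = """\
Name,Email
Alice Example,Alice@Example.com
"Bob" <bob@example.org>; bob@example.org
carol@example.net (old: CAROL@example.net)
Write to dave@example.com.
not-an-address@localhost
"""


def extract_addresses(text):
    """Return unique addresses in first-seen order.

    Lower-casing is an assumption: it treats mailbox names as
    case-insensitive so the same account is not checked twice.
    """
    seen = set()
    ordered = []
    for match in EMAIL_RE.finditer(text):
        address = match.group(0).lower()
        if address not in seen:
            seen.add(address)
            ordered.append(address)
    return ordered


def write_address_list(addresses, path):
    """Write one address per line and return how many were written."""
    with open(path, "w") as handle:
        for address in addresses:
            handle.write(address + "\n")
    return len(addresses)


if __name__ == "__main__":
    count = write_address_list(extract_addresses(SAMPLE_EXPORT), "addresses.txt")
    print("wrote %d addresses to addresses.txt" % count)
    print("next: python checkpwnedemails.py -p -i addresses.txt")
```
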
If you find that your email address(es) was in haveibeenpwned's database, it would be in your best interest to immediately change the password of the corresponding account. As a matter of fact, if you (or someone you know) are one of those people who use the same password for everything, then change all your passwords (and use a different password for each account!).