Time for a password check
Password managing app ‘1Password’ has introduced a new feature that lets people check if their password has been compromised. This new ‘proof of concept’ feature is an integration of security expert Troy Hunt’s ‘Pwned’ passwords service, which includes over 500 million leaked passwords.
People who are members of the 1Password service can avail the feature by signing into the 1Password account. Click the ‘Open Vault’ option to select an item and view its details. Users can then press Shift-Control-Option-C or Shift+Ctrl+Alt+C depending on their operating system. To unlock the feature, click the ‘check password’ button. This will unlock the ‘proof of concept’ and allow users to check whether their password matches any from the Hunt’s database. 1Password will let you know whether there is a match or not. The company also says that in case a user’s password matches any from the database, it does not have to necessarily mean that it was a data breach. This might also happen if someone else is using the same username and password. The company, however, advised that the user must nevertheless change the password in such a case.
Users also need not worry while checking the password with 1Password as they use Secure Hash algorithm 1(SHA-1) that hashes the password and sends only part of that hash to Pwned. Any password hashes with the same first five characters as the user are sent to 1Password. It is compared to the users 40-character hash.