Passwords are meant to be our protectors in the digital universe. But they have always had threats. However, there was a time when the only trouble was when people were using passwords like 123456. But over the past few years, leaked passwords have become the bane of our existence. It's precisely why we're moving toward a passwordless future.
But for now, as long as we're still using passwords, we do have some respite against password leaks – Password Managers. Most Password Managers these days have undertaken the task of monitoring the data breaches on the web to see if a user's password has been leaked. Now, most browsers these days have native password managers, and today, we'll discuss the three most widely used browser password managers and how you can find leaked passwords using each.
What Does It Mean If a Password is Leaked?
Password leaks generally happen when a website's database of usernames and passwords is targeted by hackers and exposed online.
Leaked usernames and passwords are often published online or sold on the Dark Web (the online black market). Once your username and password become a part of this list, you should no longer use it. Hackers use automated scripts to run username-password combinations on websites to hack into accounts.
And on top of that, a lot of people reuse passwords on multiple websites. So, if a password that you're reusing gets leaked, it makes multiple accounts vulnerable.
For important accounts, you can become victim of identity theft, fraud, illegal fund transfers, or other illegal activities.
A Password Manager regularly monitors these online databases to make sure that your credentials aren't among them. Now, to match your passwords against the ones in the data breach, these password managers must access them first. Does it mean that you're simply handing over your information visible to these password managers? Are you swapping the devil for another devil? No.
Any trusted password manager worth its salt uses powerful encryption to protect your passwords. If your passwords do appear in the data breach, even the Password Manager itself is not privy to the information about which passwords were compromised. So, you can rest easy on that account.
Now that you know why it's important to stay on top of leaked passwords, let's get to the business of finding them.
Find Leaked Passwords in Google Chrome
If you're a Chrome user, launch Google Chrome. It’s got that multi-colored circle as its icon, you can't miss it.
Then, click the 'Settings' (three-dots) icon from the right of the address bar and go to 'Google Password Manager' from the menu.
Now, go to 'Password Checkup'.
If you don't see a banner on the main menu as above, then click the 'Check-up' option from the menu on the left sidebar.
The password checker will kick into action. It'll list any password leaks, reused passwords, and weak passwords. To see the leaked passwords, go to the 'Compromised Passwords' option.
You'll see all the websites, along with usernames, for which the passwords have been found in a data breach. To change a password, click the 'Change Password' option.
It'll take you to the website. Follow the steps for changing the compromised password that'll be unique to each website.
Find Leaked Passwords in Microsoft Edge Wallet
Microsoft Edge is steadily becoming a heavily used browser across the globe. Recently, Microsoft also announced a redesigned Edge Wallet, which combines payments and password management in Edge.
To find leaked passwords if you're an Edge user, click the 'Settings and more' icon (three-dot menu) on the right of the address bar and go to 'Settings' from the menu.
Then, go to 'Passwords' from the right pane.
You might have to first enable the option for Password monitoring using Edge. Click on 'More Settings' to expand the options.
Then, turn on the toggle for 'Show alerts when passwords are found in an online leak'. However, if you're signed into your Microsoft account and syncing the passwords, this option will be automatically enabled and greyed out.
Now, click the 'Go to Wallet' option. You can also go to the address bar and type
Then, go to 'Passwords & Personal Info' from the navigation menu on the left.
If there are any leaked passwords, you'll see an alert like '[N] leaked' on the page; click it to switch to the tab for compromised passwords.
You can see the website and usernames for which the passwords have been leaked. Click on 'Change' to go to the corresponding website and change the password for your account.
Find Leaked Passwords in iCloud Keychain
If you're an Apple user, iCloud Keychain also monitors your passwords against data breaches to keep you informed about any compromised passwords.
Open the 'Settings' app on your Mac (on macOS Ventura or later), iPhone, or iPad; the steps are exactly the same for all. For this guide, we'll showcase them using Mac.
Then, go to 'Passwords' from the options on the left.
You'll need to authenticate using your device password/ biometrics to access your passwords.
Then, if there are any compromised passwords, you'll get a 'Security Recommendations' option at the top; click it.
It'll list all the compromised passwords and the reason underneath them. Leaked passwords will have the message, "This password has appeared in a data leak, which puts this account at high risk of compromise." Click on the 'Change Password on Website' option.
It'll open the website in your browser. Log in to your account and change the password for the concerned website.
Passwords face a horde of challenges; that's why we're adopting Passkeys instead. Some of these challenges a user creates on their own and others, like password leaks, aren't under their control. Thankfully, Password Managers can help you stay on top of these data leaks and you can quickly change any compromised passwords.