Back in June 2007, the National Institute of Standards and Technology (NIST) released guidance that said websites should check potential passwords against previous data breaches, to ensure they are totally unique and never previously used.
While some largest websites out there are already using the feature, most other websites are yet to offer that functionality.
Troy Hunt, the founder of 'Have I Been Pwned', has launched a tool where people can check for passwords to see whether they've been previously compromised, or not.
The tool lies inside Have I Been Pawned website, and using it is pretty simple. Users can just type in any password they can think of, and the tool will then compare it against a database of over 306 million passwords that have been previously leaked and collected over the course of several years.
What's more, Hunt also made the data available for free to download so developers can integrate it into their own websites.
The tool can also be a place for password exploration to know what kind of passwords people actually used. The tool somehow revealed that people do use weird names or words as passwords. They sometimes even use their real name.
It's advised that users don't type in to check passwords that they're actively using. "Do not send any password you actively use to a third-party service - even this one!" highlighted the website.
Troy's tool is showing how important it is for people on the web to use strong passwords. People need to know how important it is to protect themselves and their privacy because good password security is the very first protection against online attackers.
Remembering strong passwords can be difficult, especially if you have many of them to remember. You can use password manager to manage and safe keeping all other passwords you have for the multiple services you may use in this ever growing web.