When it comes to staying secure on the web, I strongly recommend that everyone uses a reliable password manager. Password managers allow you to easily use a unique password for every single online service you use.

Having a unique password for each online service is key, because when you recycle passwords, one website hack suddenly opens up your entire online identity.

Unfortunately, password managers haven’t always existed, and in the past you’ve probably reused the same password for multiple websites. In fact, you’ve probably forgotten about half of the websites you signed up for throughout your online life.

A long time ago, I picked a great password, and used it EVERYWHERE. That’s a really bad idea. If one website was ever hacked, then all of the services I used that password for were also potentially compromised.

Now, years later, how do I determine which websites I signed up for, and which ones still have that one old password?


I use the website haveibeenpwned.com.

This site maintains a huge database of accounts that have been compromised. Type in your email address (I even check my old email addresses) and it’ll let you know if you’re on any of the lists of compromised email password combinations. This doesn’t solve the problem for you, but it will at least let you know if any of your accounts have been impacted.

As always, the safest way to manage your online identity is to use a unique password for every service. You should always rotate your passwords regularly (I recommend once every six months).