Have I been hacked? How to check your log-in info.

Hacked online log-in information opens the floodgates for cyber criminals to access e-mail accounts, social networks, as well as photos and videos stored in the cloud. You can easily check whether your username or password has been hacked using several tools.

A username complete with password is an access-all-areas pass to the internet, we all know that. But that a name and date of birth are enough to easily cause a great deal of damage? Perhaps less well known.

A date of birth and a name are all you need to place orders in many online shops. Shipping address? No problem. The thief simply chooses a parcel station and enters a random billing address, ensuring that the receipt either never arrives or is returned to the sender, who can find out the real address of the supposed customer via directory inquires—meaning that the unsuspecting customer is hit with unexpected costs.

The BSI recommends a range of ways to find out whether your password and e-mail address have been hacked through data theft or made public through security gaps in online databases—often the springboard to more criminal activities. If you’ve been affected, the advice is to change your password as quickly as possible.

  • The Hasso-Plattner Institute’s „Identity Leak Checker“ lets you enter your e-mail address to find out whether any personal data, including phone number, date of birth, and address have been published online. The institute reports that more than 1,600,000 accounts are hacked daily.

    The site also offers interesting statistics, such as the most commonly hacked domains (yahoo.com, gmail.com, hotmail.com) and passwords (123456, 123456789, and password).


  • The „Have I been pwned“  tool developed by security expert Troy Hunt checks whether your e-mail address has been involved in a security breach.

    And the website also provides a password check service that checks yours against more than 600 million leaked passwords. 

Easy to remember—and easy to hack! The most commonly leaked passwords as recorded by the Hasso-Plattner Institute.

  • 123456
  • 123456789
  • password
  • qwerty
  • 12345
  • 12345678
  • 111111
  • qwerty123
  • 1q2w3e
  • 123123

Screenshot haveibeenpwned.com/passwords after entering „password123“.


  • Firefox Monitor works on the same principle, but with an extra option to activate a free notification service for an instant update should your data be involved in a leak.

The BSI offers more valuable recommendations for action. 


  • Tips for secure passwords.

You’ve heard it all before, but do you actually do it? Find out how to choose a secure password here


  • How to protect your digital identity.

A different password for every service—sounds like a nightmare? With a password manager it doesn’t have to be. And there are also many free versions available.


  • Identity theft – What to do? ​​​​​​​

Received a payment reminder you know nothing about? Bank account cleaned out? Facebook hacked? BSI has created a useful set of guidelines on how to act in these emergency situations.


Bechtle update editorial team



Share this page

This post was published on Jan 18, 2019. and updated on Feb 1, 2022.