# **How to check if a password has been exposed** Revealing an online account password can expose users to many risks such as information theft, fraud, loss of money. Popular web platforms and password managers now have features that allow users to check if their passwords have been compromised or appear on the dark web. On macOS, users go to iCloud Keychain, and on iOS go to *Settings > Passwords > Security Suggestions*. Here, users can see a list of saved passwords. iCloud Keychain will warn which passwords have been exposed and provide the option to change them. With the Chrome browser, the Password Checkup tool will show weak, reused or compromised passwords. User can go to *password.google.com* and go to *Check Password*. The website will show which passwords have been exposed and suggest changes through a red warning. On the Microsoft Edge browser, users access *Settings > Profiles > Passwords > Enable Password Tracker*. If any of the passwords are leaked, a message will appear prompting the user to change. The easiest way to deal with problems is to change to a stronger password. With the trend of users creating more and more accounts online every year, the password threat is increasing. According to *Dashlane,* in 2022, nearly 20% of passwords will be compromised in North America alone. However, when receiving a warning from the system, users often tend to ignore it instead of choosing to fix it, unknowingly putting them at risk of becoming a victim of cybercrime. **Accounts that need to change passwords regularly** *Accounts that are “sensitive”* Users need to regularly change passwords for important accounts such as frequently used email, banking, financial services, related applications related to health and social security. “Anything that affects money and personal information should be prioritized, because scammers will go after those things,” advises Craig Lurey, chief technology officer of security firm Keeper Security. According to him, emails are a common target for scammers. When infiltrating, they can collect a lot of information of the victim such as work place, destination, travel time or money spent. They can then send phishing emails, even trying to change bank account information, services associated with this email. *Social network accounts* Social media accounts are also a place to store a lot of personal information of users, including name, email address, phone number, location, photos and videos. If these accounts are compromised, crooks can use them for many malicious purposes, the most common being fraudulently borrowing money from other people’s friends. *Shopping apps* Shopping apps and similar accounts may store credit card information, billing addresses, contact information, and order history. Hackers can use these apps to arbitrarily order valuable items. *Other account types* According to security experts, forum accounts and other non-transactional platforms have a lower risk of being stolen by bad guys. However, from the generated passwords, they can be used to “cross-check” with other platforms. If users have a habit of sharing passwords for many different services, the risk of being attacked will be very high.