Skip to Main Content

What should you do when your account’s been pwned?

If you’ve been pwned, you have either been totally destroyed in a video game or just had someone steal or hack your account details. In terms of life complexity, the first option might be more agreeable. “What should I do,” is the first of many tumultuous thoughts running through your brain when getting the news about this second option. A battery of action verbs come to mind such as watch, plan, call, freeze, lock, and change. The most important word in this batch is the last – change.

Have you been pwned?

First things first though – you need to figure out if your account has been in a data breach in the first place. Luckily thats rather easy, just do the following:

  • Visit the
  • Enter your email-address
  • Click on “pwned?”

If you see the message “Oh no — pwned!” chances are, that Collection #1 was amongst them.

Three ways to change that password

There are only a few really important things to remember when it comes to changing a password:

Change it now – It’s important to change the password to a hacked or leaked account as quickly as possible. It’s common sense – after losing the key to a lock, it becomes an urgent priority to change or replace it as you don’t know who will find said key and what their intent might be.

Change it well – Password and asdfqwer are simply not good passwords – and neither is your birthday. A good password has 10 characters, contains both upper and lower case letters, numbers, and symbols. Making a password out of a sentence or phrase can help make it memorable.  Recycling a single secure password for each account is also highly not recommended. Thanks to decryption advances, the length of a secure password is getting longer.

Don’t change it alone – Unless you are a genius savant, you will simply not be able to remember a secure password for each your various accounts. Remember, reusing a secure password is not a good idea. We recommend using a password manager that helps you create secure, individual passwords for your accounts, syncs access to these accounts and passwords across your devices, and yet still lets you access them with a single master password known to you alone.

If you or your data are pwned and lost, get a road map

Changing the password may be enough, it might not. It certainly is just the starting point. Depending on the type of data breach, you might have many more steps to make to secure your data and your identity. To get an overall guide to the needed activities, go to and download a template from the FTC.

What’s the difference between a credit bureau lock and freeze?

Keeping watch with a free credit monitoring report from one of the three major credit bureaus – Equifax, Experian and TransUnion – can be a good idea. And what about a lock versus a freeze? The difference is not just word choice – both have difference purposes and costs. A credit lock from a credit bureau stops individuals from having new accounts opened in their name. The features vary my bureau and you have to pay for this service. A credit freeze means that the bureau can’t release/sell information about you (which is usually part of the process of starting an account). The credit freeze is free and is defined by law. Can you feel the difference?

The passwords, they are a changing

When it comes to minimizing the damage from being pwned, time is of the essence. So go ahead, and let technology make this change an easier one.

Avira, a company with over 100 million customers and more than 500 employees, is a worldwide leading supplier of self-developed security solutions for professional and private use. With more than 25 years of experience, the company is a pioneer in its field.