Shard is a command line tool that allows users to check if a particular password is also being used for their Facebook, Twitter, Instagram, LinkedIn, and Reddit accounts. The intention is that the user would then rectify the situation, although for obvious reasons the utility itself doesn’t have the power to make changes to the accounts.
Philip O’Keefe developed Shard after finding that the randomly generated password he was using for several different accounts was among the credentials leaked following the major LinkedIn breach that took place earlier this year. O’Keefe is now using a password manager to maintain the security of his accounts.
Given the current frequency of security breaches affecting major sites and services, a tool like Shard couldn’t come at a better time. In June, Twitter was forced to lock millions of accounts after it emerged that passwords for as many as 32 million accounts were being sold on the dark web.
However, there are some concerns about how Shard could benefit those working to target users who do use the same password everywhere they go. The tool could allow hackers to check where illegally purchased passwords are in use, and slight modifications could expand the list of being examined to include banking services and more, according to a report from Ars Technica.
In the event that Shard is adopted by online criminals, there’s all the more reason to use unique passwords for every site and service you register an account for. You can grab the Shard tool right now from its GitHub page.
Editors' Recommendations
- How to change your router’s Wi-Fi password
- Hackers are using this incredibly sneaky trick to hide malware
- Hackers may have stolen the master key to another password manager
- No, 1Password wasn’t hacked – here’s what really happened
- AI can probably crack your password in seconds
