Shard is a command line tool that allows users to check if a particular password is also being used for their Facebook, Twitter, Instagram, LinkedIn, and Reddit accounts. The intention is that the user would then rectify the situation, although for obvious reasons the utility itself doesn’t have the power to make changes to the accounts.
Philip O’Keefe developed Shard after finding that the randomly generated password he was using for several different accounts was among the credentials leaked following the major LinkedIn breach that took place earlier this year. O’Keefe is now using a password manager to maintain the security of his accounts.
Given the current frequency of security breaches affecting major sites and services, a tool like Shard couldn’t come at a better time. In June, Twitter was forced to lock millions of accounts after it emerged that passwords for as many as 32 million accounts were being sold on the dark web.
However, there are some concerns about how Shard could benefit those working to target users who do use the same password everywhere they go. The tool could allow hackers to check where illegally purchased passwords are in use, and slight modifications could expand the list of being examined to include banking services and more, according to a report from Ars Technica.
In the event that Shard is adopted by online criminals, there’s all the more reason to use unique passwords for every site and service you register an account for. You can grab the Shard tool right now from its GitHub page.
Editors' Recommendations
- These embarrassing passwords got celebrities hacked
- Hackers are using a devious new trick to infect your devices
- AI can probably crack your password in seconds
- If you use this free password manager, your passwords might be at risk
- This huge password manager exploit may never get fixed