Earlier this week we released a powerful, free tool to help you find out whether your email and passwords have been stolen in a public data breach. Keeper’s Data Breach Scan powered by BreachWatch® is truly free with no account sign-up required to learn whether the email address provided is included in any public data breaches and how many passwords associated with that email have been stolen.
How it Works (Technically)
The Data Breach Scan is powered by Keeper’s BreachWatch service. BreachWatch is a self-contained managed service operated by Keeper on Amazon AWS which is physically separate from the Keeper Backend API and stored user data.
On the BreachWatch servers, a physical hardware security module (HSM) is used to process, hash and store billions of unique passwords from dark web data breaches. Each of these billions of passwords is processed on Keeper’s servers using HMAC_SHA512 hashing method, hashed with a HSM using a non-exportable key.
The BreachWatch backend architecture was built to prevent correlation of a breached password to an actual password in the user’s vault, no matter the size of the data breach. The hashing used in the breached password detection utilizes a physical HSM to ensure that hashing can only be performed online – to prevent any threat of brute force attack on the BreachWatch data. For additional security and encryption details, visit our documentation portal.
Keeper Security is a SOC 2 and ISO27001 certified company.
Keeper does not and will not share or leak any user information or vault data with any 3rd party. Other “dark web scan” products in the market may potentially using untrusted sources of data.
Ease of Use
Only an email address is required to perform the scan and receive the summary results. You may scan an unlimited number of personal email addresses.
If you choose to sign up for a BreachWatch paid subscription you will be able to see the actual breached websites and the dates they were breached. Additionally, you will be able to correlate the Free Breach Scan results directly to your stored Keeper vault passwords.