Skip to main content

By clicking a retailer link you consent to third-party cookies that track your onward journey. This enables W? to receive an affiliate commission if you make a purchase, which supports our mission to be the UK's consumer champion.

Are you at risk of being hacked? How to check in 30 seconds

See if your data might be at risk and how to improve your online security with these quick checks
Tom MorganSenior Consumer Writer

With over a decade of experience at Which?, Tom covers everything from tech advice to money-saving tips, and highlights the best deals during major sales events.

Email data breach
Set as preferred source

Most of us have dozens of online accounts tied to the services we use every day, from shopping websites and streaming platforms to social media apps. But keeping track of all those passwords can be tricky, especially as data breaches and online scams become increasingly common.

But here's the good news – improving your online security doesn’t have to involve hours of effort. In many cases, a quick check using security tools already built into your smartphone or PC can help flag passwords and accounts that might be putting you at risk.

Below, we explain some of the quickest ways to improve your digital security, including how to use Google Password Manager to spot weak, reused or compromised passwords.

Which? Tech Support package

Get tech help from humans - save 25%

Solve your tech issues and get expert buying advice by chatting to our support team as often as you need for only £36.75 year.

Buy and save

Save 25% – was £49, now £36.75 for a year, offer ends 8 June 2026

Already a Tech Support member? For more help and 1-2-1 technical advice, including buying advice, go to our Tech Support online booking tool.

See if your email is involved in a security breach

⏱️ Time check: It takes less than 10 seconds to identify data breaches affecting your email.

HaveIBeenPwned screenshot

Enter your email address into the search box on Have I Been Pwned and the website will scan a database of publicly known breaches linked to major online services and apps.

If your details appear in the results, the site will show which breaches your email address was associated with and when the incidents were reported. Appearing in a breach doesn't automatically mean your accounts have been accessed, but it's a warning sign that you should change affected passwords and avoid reusing the same login details elsewhere.

To strengthen affected accounts, you can then use Google Password Manager (below) to check for weak, reused or compromised passwords.

Shore things up with Google Password Manager

⏱️ Time check: The built-in Password Checkup tool takes less than 30 seconds to run.

Google Password Manager

Google Password Manager can quickly highlight passwords that should be updated first, including logins that are weak, reused or linked to known data breaches. The tool will also show which accounts are using the same password, helping you make sure each account has a unique login.

  • On desktop (Windows) – open Google Chrome and click the three-dot menu in the top-right corner. Select Passwords and autofill > Google Password Manager. If Checkup doesn’t appear automatically, see the main menu in the top-left corner and choose Checkup
  • On iPhone and Android – open the Chrome app and tap the three-dot menu, then go to Password Manager (or Google Password Manager) and choose Checkup to review passwords.

Google will then scan your saved passwords across websites and flag any that are compromised, reused or weak. Compromised passwords are the most important to deal with first, as these might already have appeared in known data breaches. If you've reused a compromised password across multiple accounts, change those logins as soon as possible.

Selecting Change password on any of the entries will redirect you to the brand's website. Our guide on how to set secure passwords can help. 

More suggestions for staying safe online

  • Check passwords on iPhone and iPad – open the Passwords app and tap Passkeys. Accounts marked with a red exclamation mark have been flagged as compromised, and you should change the associated password immediately. A grey exclamation mark indicates a recommended change for a reused password.
  • Check passwords on macOS – open the Passwords app (you can search for it in Finder if needed) and, as you would on iPhone, identify the issues marked with exclamation marks.
  • Use Which?-recommended antivirus software – top antivirus software can help protect your devices against malware, suspicious downloads, scam websites and other online threats. Explore our expert guide to the best antivirus for our recommended packages.
  • Set up two-factor authentication (2FA) – with this enabled, you make your online accounts harder to access without permission. Attempting to access an account from a new device prompts the service to send a unique code to your phone, so you have the power to approve or deny logins (See also: Phone apps you need to secure right away).
  • Use unique passwords for every account – reusing the same password across multiple websites makes it easier for scammers to access several accounts if one login is exposed in a data breach.

Join Which? Tech Support

Which? Tech Support package

Get tech help from humans - save 25%

Solve your tech issues and get expert buying advice by chatting to our support team as often as you need for only £36.75 year.

Buy and save

Save 25% – was £49, now £36.75 for a year, offer ends 8 June 2026

Which? Tech Support can help you stay on top of your home tech, whether you need help choosing a new device, setting up a gadget or resolving a technical problem. Our experts explain things clearly so you can feel more confident using your devices.

Members get unlimited 1-to-1 support by phone, email or remote fix, where we connect securely to your computer and resolve issues while you watch. You’ll also receive six issues of Which? Tech magazine delivered to your door each year. 

You can join Which? Tech Support.

More on this