Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Can I Find Out Where My Email Address Has Been Used?

So many accounts, so many services, so many places…

It'd be great to be able to locate all the places your email address has been used. Unfortunately, "great" doesn't mean "possible".
The Best of Ask Leo!
A Windows PC screen showing dozens of overlapping browser windows, each displaying a website with a message box asking for an 'email address.'
(Image: DALL-E 3)
Question: I want to find out what public sites my email address is attached to. Is there a website that I can go to, put my e-mail address in, and have it scan and tell me if my email address was used on sites like Facebook or anything else that I have signed up for?

The very short answer is no, there is no place to find out where your email address has been used or what sites are using your e-mail address.

However, there is at least one thing you can do to keep partial track.

Become a Patron of Ask Leo! and go ad-free!

TL;DR:

Where your email address has been used

There’s no comprehensive way to find all the places your email address has been used. Some methods to try include:

  • Use a password manager
  • Search online for your email address
  • Check haveibeenpwned.com for breaches
  • Search your email records
  • Attempt password resets on various sites

Ultimately, sharing your email cautiously is best.

Keep track beforehand

If you use a password manager, then by definition you have a list of services where your email address is being used to sign in.

It may not be complete (some services use passwordless sign-in), and it doesn’t cover non-account-related uses (like signing up for an email newsletter), but it’s one heck of a good start.

The good news is this is entirely under your control. In fact, it should be a side-effect of something you’re already doing: using a password manager to keep track of all your passwords.

The bad news, of course, is that it’s not everything. Unfortunately, that means we need to grasp at straws.

Search for it

Try searching for your email address in quotes — for example, “leo@askleo.com”. If it works, it’ll return a list of all the places where your email address has been posted publicly. Based on what you find, this may help you reverse-engineer how it got there.

I said “if it works” because this technique appears to be disappearing. In many cases, using quotes, which means “search for this exact string”, uses symbols to break apart words. Thus searching for “leo@askleo.com” could be treated as searching for “leo”, “askleo”, and “com”. While exact matches to “leo@askleo.com” might be highlighted, there may be many results that have nothing to do with the email address you’re looking for.

Look at breaches

A different kind of search is to head over to haveibeenpwned.com and enter your email address. There will be two classes of results.

  1. One sort of result explicitly tells you where the breach happened. This shows where your email address was used: it was used at that breached service.
  2. The other type of result tells you that your email address was found, but there’s no information indicating where. This is usually the result of large data dumps from hackers that don’t include the source of the information. These don’t help us trace where your email address was used.

Unfortunately, it seems that the latter case is more common.

Search your own records

If you keep an archive of your received or sent email, you can scour that data to find out where your email address had been used.

Unfortunately, not everyone keeps or archives their email, and even if you do, this can be a time-consuming process.

Try signing in to, well, everything

The only way I know of to find out if your email address is used on any given site is to attempt to use it. You may need to perform a password reset (aka “I forgot my password”), but if successful, this confirms that your email is associated with an account at that site.

If you’re looking for an exhaustive list, this implies trying your email address at a lot of sites. Once again, this is cumbersome and time-consuming.

There’s little hope for other uses

If none of the above work, or your email address wasn’t used as part of an online account setup, I’m not aware of anything more you can do.

  • There’s no way to locate where your email address was used as a recovery email address (unless you make a note of this in your password manager).
  • There’s no way to know which email newsletters and/or mailing lists the email address might be used for other than paying attention to your incoming email.
  • There’s no way to know whose address book/contact list your email address might appear in.

Do this

The only thing you can do is address the issue before it happens. That boils down to two things:

  • Be careful who you give your email address to.
  • Use a password manager so tracking those email address usages becomes a side-effect.

After the fact, however, the chances are slim to none that you can track back all the places your email address has ever been used.

How ’bout you use it in one more place? Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

Podcast audio

Play

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.