Story Box Library
is now coming to you via
StoryBox Hub
redirecting you...

Having trouble loading our log in page? Find steps to resolve in this FAQ article

Back to FAQs Back to FAQs

Why is my browser warning me that my Story Box Library password has been compromised?

If your web browser displays a message such as:

  • "Check your passwords: Chrome found the password you just used in a data breach. To secure your accounts, we recommend checking your saved passwords."
  • "Vulnerable Password: This password has been used on another account that was likely in a data breach. Reusing credentials put all your accounts at risk. Change this password." (Firefox)
  • "Compromised Password: The password for your account has appeared in a data leak, putting your account at high risk of compromise." (Safari)
  • "Microsoft Edge detected that the password for # site/s has been leaked. Change your password to secure your accounts."

It means that the password you use to log into Story Box Library has appeared in a data breach. It does not mean Story Box Library has been compromised, but it could mean you've used the same password with another website that has been compromised, or it could mean the password is so common that someone else entirely used it with a website that has been compromised.

What should I do if I see one of these messages?

  • Change your Story Box Library password immediately. (Instructions here for Account Holders and Viewers, or if you created a password to go with your library barcode number reset your password with this form.)
  • If you know you use that password for any other sites, change them too. If you're not sure, your password manager should be able to tell you if you've reused any passwords.
  • Check your email address at Have I Been Pwned? to see if it has been compromised in any known data leaks. If any websites appear, change your password for those accounts.

Make sure you always use a strong, unique password for each online account. Your browser's inbuilt password manager can help you keep track of these, or you can use an independent password manager such as LastPass.

More information: