Has anyone been looking at the files on your computer? Or on your cloud drive? Has anyone been browsing parts of your web site that they’re not supposed to, and which you thought you’d secured? Has anyone managed to find your contacts database online?Your answer to all of these questions is probably “I would hope not”. But you can’t be sure, of course. And that’s where the idea of a canary token comes in.If you’re not familiar with the idea of a canary as an early warning system, its origins lie in coal mining. Miners would carry a small bird (typically a canary) in a cage. If the mine filled with dangerous gases, and an explosion or suffocation was imminent, the canary would die quickly. This gave the miners time to get out of the area to safety.Nowadays, of course, electronic detectors are used in place of caged birds, but the name still sticks.A canary token is a web URL, email address, document file and so on which will trigger an action if it’s ever accessed. In the case of a web URL, the canary token is the address of a unique yet non-existent page on the web site of the company that issued the token. If someone were to ever attempt to access that page, the web server would notice (because it would attempt to serve that non-existent page to whoever requested it). The server will then notify the owner of the canary token that someone tried to access it.Canary tokens don’t have to be web URLs. They could be an email address, a Word document, a PDF file, and so on.
Is Anyone Looking At Your Files? A Canary Will Tell You. | Gizmo’s Freeware