Login Security Project 'Have I Been Pwned' Goes Open Source

Have I been Pwned screenshot

Have i been pwned is a website with a silly name and a serious mission: to track different high volume data breaches, put them all into a database, and let people see if their connection has been compromised. Now the creator of the tool says it will the transition to an open source project.

There will be several advantages to this, most obviously the ability for other security tools to automatically search the database for compromised usernames and passwords. 1Password already does this, LastPass implementing its own similar solution (without using this specific tool). Once the open source transition is complete, anyone will be able to create this kind of automatic search in the k-Anonymity database with an API.

HIBP creator Troy Hunt said he was also enlisting the help of the open source community to clean up the rather complicated code for the seven-year-old project, which was on hold for an acquisition at some point that has apparently failed. Hunt is also a director at Microsoft, in addition to being a well-respected security researcher. and an MVP / r / battlestations. There is no specific timeline for the release of source code.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.