Have I Been Pwned is now open source
You can now run your own HIBP instance if you want
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
The code powering the popular Have I Been Pwned? (HIBP) website that allows users to check whether any login information has been compromised, is now available under anopen sourcelicense to everyone.
Created and managed bycybersecurityexpert Troy Hunt, HIBP has gained millions of fans over the last seven years. In 2020 Hunt tried to unsuccessfully sell the project when he realized that it could no longer be managed by a single individual.
“The philosophy of HIBP has always been to support the community, now I want the community to help support HIBP,” Hunt wrote last year when he initiated the process to open source the code behind HIBP.
We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.
Click here to start the survey in a new window«
That process has now been completed and all the HIBP code, which is written in .NET and runs onMicrosoft Azure, is now available on GitHub under the BSD 3-clause license.
Collaboration with the FBI
HIBP pools data about the leaks from security breaches around the world, and allows users to search for their own information by entering their username or email address. Users can also sign up with HIBP to be notified if their email address leaked in a security breach in the future.
The service is notable for being the first to implement a cryptographic hashing communications protocol that allows it to verify if a password was leaked without fully disclosing the searched password.
The open source protocol is now being used by virtually allpassword managers.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
As he announced the completion of the open source process, Troy also shared that the FBI has decided to feed all compromised passwords discovered in the course of their investigations into HIBP as well.
“We are excited to be partnering with HIBP on this important project to protect victims of online credential theft. It is another example of how important public/private partnerships are in the fight against cybercrime,” said FBI’s Assistant Director, Cyber Division, Bryan A. Vorndran.
ViaZDNet
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)
