The password breach service I Pwned is open source

Upgrade your enterprise in data technology and strategy Transform 2021.

Password violation database I have seriousness (HIBP) Now it is made Its entire codebase is open source, as promised by creator Troy Hunt In august.

HIBP is also gaining access to new and consistent caches of broken passwords through the FBI, which has offered to funnel exploit passwords found in its digital crime-fighting efforts directly into the HIBP engine.

HIBP was first started in 2011-2013 Hunting, A reputable security expert, and serves as an easy way for anyone to find out if certificates for their online accounts appear in online data dumps. The service now receives approximately 1 billion requests a month, and numerous third parties take advantage of the data within their own applications and websites, Including Mozilla Firefox browser And 1 password, which Last year, a new data-intensive reporting service was launched For its enterprise customers based on HIBP data.

Above: Have I Pwned is now open source

Person problem

Over the past eight years HIBP has been working to solve the problem that affects everyone from an online shipper to a multinational corporation. Bad password hygiene Is a major driver of security breaches 1% of all Violation caused by alleged agreement password. Last year, the password management platform actually Dashlane Launched a new tool that provides business Data on the health of their employees’ passwords.

All the way to the initiative Stands for changing passwords with alternative security mechanisms such as biometric authentication and two-step authentication. But passwords still rule the roast, so the HIBP database has proven such a usefulness for millions of people.

Hunt, whatever To Microsoft Regional DirectorLast year selected for open source HIBP a Unsuccessful acquisition. He decided to push HIBP into full community ownership because of the free contribution of individuals worldwide and data breaches among consumers and companies became an indispensable source of data. But, as Hunt pointed out at the time, the whole project still lies with him. “If I don’t lose, HIBP will soon dry up and die,” he said.

In the open source

This is where open-sourcing comes into play. “I knew it wouldn’t be easy, but I also knew it was the right thing to do for the longevity of the project,” Hunt wrote in a blog post today.

Given the complexities of converting an individual project into an open source entity, Hunt changed .NET Foundation, Is a for-profit organization Microsoft Established in 2014 to inspect it Open source transition to the .NET Framework.

“There’s been a lot of this effort that has been busy moving people into the public domain for a few years running as a pet project,” Hunt wrote. “I had no idea how to manage open source projects, set up a license model, coordinate where the community tried, contribute, redesign the release process, and all sorts of other things. I’m sure I thought. Not yet. Still

HIBP now has its own Profile on GitHub, With stores for one Azure function And Cloudflare staff, And it is issued according to a permission BSD– Section License.

The first important part of the work for HIBP as an open source project is to develop the functionality needed to inject FBI identification credentials.

“They will be fed into the system as provided by the bureau, and obviously it is both the cadence and the volume that depend on the nature of the research associated with them,” Hunt wrote. “The important thing is that there is an ingestion route where data can flow to HIBP and be made available to consumers as quickly as possible to maximize the value presented.


Ventbret’s mission is to be a digital city class for those who want to learn about transformative technology and business. Our site provides the necessary information on data technologies and strategies to guide you when you lead your organization. We invite you to become a member of our community to access:

  • Up-to-date information on topics of interest to you
  • Our newsletters
  • gated thought-leader content and access to our valued events, e.g. Transform 2021: Learn more
  • Networking features, and more

Become a member

Leave a Comment