Troy Hunt

JUNE 30, 2022

Four and a half years ago now, I rolled out version 2 of HIBP's Pwned Passwords that implemented a really cool k-anonymity model courtesy of the brains at Cloudflare. Later in 2018, I did the same thing with the email address search feature used by Mozilla, 1Password and a handful of other paying subscribers.

Passwords 308

Passwords Identity Theft Consumer Services Password Management 308

Troy Hunt

MARCH 4, 2020

Since launching version 2 of Pwned Passwords with the k-anonymity model just over 2 years ago now, the thing has really gone nuts (read that blog post for background otherwise nothing from here on will make much sense). They could be searching for any password whose SHA-1 hash begins with those characters.

Passwords 276

Passwords Data breaches Risk Encryption 276

Troy Hunt

MARCH 10, 2021

Two of my favourite things these days are Have I Been Pwned and Home Assistant. So, it was with great pleasure that I saw the two integrated recently: always something. So, it was with great pleasure that I saw the two integrated recently: always something. How long until it hits the big "1B"? ??

Passwords 350

Passwords IoT Password Management Data breaches 350

Troy Hunt

FEBRUARY 24, 2022

I feel the need, the need for speed. There's a time and a place for going fast, and there's no better place to do that than when querying Have I Been Pwned's Pwned Passwords service. (Ok, Faster, Faster, until the thrill of speed overcomes the fear of death. And so on and so forth.

Passwords 295

Passwords Malware 295

Troy Hunt

JULY 12, 2018

Over recent weeks, I've begun planning the release of the 3rd version of Pwned Passwords. If you cast your mind back, version 1 came along in August last year and contained 320M passwords. Far more significantly though, it introduced the k-anonymity search model that Cloudflare worked on and that's when things really took off.

Passwords 130

Passwords Password Management Data breaches Internet 130