troyhunt
Latest
Have I Been Pwned's code base will be open sourced
It'll help ensure 'a more sustainable future' for the project after a failed acquisition process.
Firefox Monitor will tell you when your passwords are compromised
After a few months of testing, Mozilla has launched its free Firefox Monitor service that notifies users when their credentials are stolen as part of a data breach. The website, which is essentially an external interface to Troy Hunt's Have I Been Pwned (HIBP) database, also allows users to sign up for notifications in case their email addresses are found in future breaches.
UK and Australia are monitoring their domains with Have I Been Pwned
A lot of people have used Troy Hunt's Have I Been Pwned to see if their email addresses are attached to any services that have experienced data breaches. Large organizations can also use it to search their domain names as a group and now, the service counts the UK and Australian governments among them. As Hunt explained in a blog post: "Amongst those verified domain searches are government departments and they too are enormously varied; local councils, legal and health services, telecoms and infrastructure etc...The thing is, loads of government departments within different countries have all been running these searches independently and that means an awful lot of duplication of effort has been going on."
1Password now lets you see if your password has been leaked
If you have a 1Password membership, you can now check to see if your passwords have been compromised by data breaches and leaked on the internet. It's just a proof of concept feature for now, but 1Password says that in future releases, it will be added to Watchtower within 1Password apps. The feature is an integration of Troy Hunt's Pwned Passwords service that includes over 500 million leaked passwords.
Firefox will soon flag sites that have been hacked
Firefox is having a good run right now, having just released its much speedier and better-looking Quantum browser. It's now working on a new feature that security fans are bound to like: It will warn you if you're visiting a site that has suffered a data breach. Firefox is working on the feature in collaboration with "Have I Been Pwned," the popular site that can check your email and tell you if your credentials have been stolen by hackers.
Need a new password? Don't choose one of these 306 million
Troy Hunt, the security expert behind Have I Been Pwned (HIBP), has released 306 million previously-pwned passwords in a bid to help individuals and companies ramp up their online security. The passwords have been mined from dozens of data breaches, and now anyone can download them for free. HIBP lets someone see if their email address has appeared in a breach, but doesn't reveal the associated password for that particular compromised service. Now, Hunt -- who has written extensively on password protection -- has flipped the model on its head, making passwords searchable without the associated email address or username.