Have I been pwned? – Page 16

Podcast: Troy Hunt Talks Bad Passwords – and Who’s to Blame for Them

Posted on November 8, 2018 by Lindsey O'Donnell

Troy Hunt sounds off on how both consumers and services have a joint role in creating and enforcing strong passwords. Continue reading Podcast: Troy Hunt Talks Bad Passwords – and Who’s to Blame for Them→

Breaking Azure Functions with Too Many Connections

Posted on October 10, 2018 by Troy Hunt

Presently sponsored by: Do you desire peace of mind? The hackers don’t wait, secure your website and mobile apps with Gold Security today.

For the most part, Have I Been Pwned (HIBP) runs very smoothly, especially given how cheaply I run many parts of the service for. Occasionally though, I screw up and get something wrong that interrupts the otherwise slick operation and results in some outage. Last weekend was one such occasion

Continue reading Breaking Azure Functions with Too Many Connections→

Search on email domains using the Have I Been Pwned API?

Posted on October 2, 2018 by pdp2907

Using the HIBP API, is it possible to search for email domains? I know that HIBP has around 5 billion email records. All I want is a count of gmail.com or yahoo.com records.

I know that I can check my own email id and it see… Continue reading Search on email domains using the Have I Been Pwned API?→

Firefox Monitor starts tracking breached email addresses

Posted on September 27, 2018 by John E Dunn

Mozilla has formally launched Firefox Monitor, a privacy-engineered website that hooks up to Troy Hunt’s Have I Been Pwned? (HIBP) breach notification database. Continue reading Firefox Monitor starts tracking breached email addresses→

Mozilla Reveals User Accounts Leakage Tool Called Firefox Monitor

Posted on September 26, 2018 by Martin Beltov

The Mozilla Firefox Monitor service is a new tool that will check the user email address has been a part of a major site leakage. It is based on ” Have I Been Pwned” and seeks to bring more awareness…Read more
The post Mozilla Reveals Use… Continue reading Mozilla Reveals User Accounts Leakage Tool Called Firefox Monitor→

Dataset with 42 Million Emails and Passwords Uploaded on Kayo.me

Posted on September 13, 2018 by Milena Dimitrova

Security researcher and privacy advocate Troy Hunt has reported an intriguing incident involving a free, public, and anonymous hosting service. Apparently, a large database containing email addresses, passwords in clear text and partial credit card det… Continue reading Dataset with 42 Million Emails and Passwords Uploaded on Kayo.me→

The 42M Record kayo.moe Credential Stuffing Data

Posted on September 13, 2018 by Troy Hunt

Presently sponsored by: Netsparker – dead accurate web application security scanning solution – Scan websites for SQL Injection, XSS & other vulnerabilities

This is going to be a brief blog post but it’s a necessary one because I can’t load the data I’m about to publish into Have I Been Pwned (HIBP) without providing more context than what I can in a single short breach description. Here’s the story:

Kayo.moe is…

Continue reading The 42M Record kayo.moe Credential Stuffing Data→

Serverless to the Max: Doing Big Things for Small Dollars with Cloudflare Workers and Azure Functions

Posted on September 5, 2018 by Troy Hunt

Presently sponsored by: Do you desire peace of mind? The hackers don’t wait, secure your website and mobile apps with Gold Security today.

As time has gone by, one of the things I’ve enjoyed the most in running Have I Been Pwned (HIBP) is seeing how far I could make the dollars stretch. How big can it go whilst at the same time, running it on a shoestring? I keep finding new ways…

Continue reading Serverless to the Max: Doing Big Things for Small Dollars with Cloudflare Workers and Azure Functions→

Pwned Passwords, Now As NTLM Hashes!

Posted on August 28, 2018 by Troy Hunt

Presently sponsored by: How fast can you update your security after an algorithm is compromised? Improve crypto agility with tips from DigiCert’s CTO

I’m still pretty amazed at how much traction Pwned Passwords has gotten this year. A few months ago, I wrote about Pwned Passwords in Practice which demonstrates a whole heap of great use cases where they’ve been used in registration, password reset and login flows. Since that time, another big…

Continue reading Pwned Passwords, Now As NTLM Hashes!→

Seamless A/B Testing, Deployment Slots and DNS Rollover with Azure Functions and Cloudflare Workers

Posted on July 19, 2018 by Troy Hunt

Presently sponsored by: Matchlight by Terbium Labs: Know when your exact data appears on the dark web. Schedule a meeting during Black Hat to learn more!

Two of my favourite developer things these days are Azure Functions and Cloudflare Workers. They’re both “serverless” in that rather than running on your own slice of infrastructure, that concept is abstracted away and you get to focus on just code executions rather than the logical bounds of…

Continue reading Seamless A/B Testing, Deployment Slots and DNS Rollover with Azure Functions and Cloudflare Workers→