k-anonymity – WindowsTechs.com

Why does HIBP use k-anonymity when checking passwords?

Posted on May 17, 2022 by gorge42

Maybe I’m misunderstanding the purpose of k-anonymity, but I don’t see the why HIBP uses it when checking user passwords.
This website, which explains HIBP’s implementation of it, says, "The client will then truncate the hash to a pre… Continue reading Why does HIBP use k-anonymity when checking passwords?→

In which case would one use the Modrian algorithm for (minimal) k-anonymization over SQL?

Posted on April 13, 2021 by Denny

The Modrian algorithm has no knowledge of the inherent hierarchies and structures of data. By using manual SQL one could do the following mapping:
Berlin, Hamburg, Munich -> Germany
London, Manchester, Glasgow -> United Kingdom
While… Continue reading In which case would one use the Modrian algorithm for (minimal) k-anonymization over SQL?→

How choose a k for k-anonymity?

Posted on March 17, 2021 by Denny

I have manually scraped multiple pages of search results on Google and haven’t found a single suggestion as to how to find an optimal k when you are trying to "k-anonymize" your dataset. All I can find is the obvious fact that &q… Continue reading How choose a k for k-anonymity?→

How choose a k for k-anonymity?

Posted on March 17, 2021 by Denny

What is the definition of "sensitive attribute" in the context of k-anonimity?

Posted on March 1, 2021 by Denny

I have encountered the term "sensitive attribute" multiple times when reading up on the concept of k-anonimity — but the texts never formally define what this term means.
Take this example of a k-anonymized table from Wikipedia:… Continue reading What is the definition of "sensitive attribute" in the context of k-anonimity?→

How to explain "the k-anonymity model used by HaveIBeenPwned for pwned passwords doesn’t expose your passwords" to a layman?

Posted on September 10, 2020 by Nzall

People are naturally skeptical when they hear about the HaveIBeenPwned pwned passwords search, because who would in their right mind enter their password into a random website? And sure, HIBP uses k-anonymity to make sure they don’t know y… Continue reading How to explain "the k-anonymity model used by HaveIBeenPwned for pwned passwords doesn’t expose your passwords" to a layman?→

Chrome extension warns users their login credentials have been breached

Posted on February 7, 2019 by John E Dunn

Google’s released a Chrome extension, Password Checkup, that’s designed to warn users when they enter a username and password the company has detected in a data breach. Continue reading Chrome extension warns users their login credentials have been breached→

Vast data-berg washes up 1.16 billion pwned records

Posted on January 18, 2019 by John E Dunn

Have I Been Pwned? (HIBP) has revealed a huge cache of breached email addresses and passwords, which it has named Collection #1. Continue reading Vast data-berg washes up 1.16 billion pwned records→

Firefox Monitor starts tracking breached email addresses

Posted on September 27, 2018 by John E Dunn

Mozilla has formally launched Firefox Monitor, a privacy-engineered website that hooks up to Troy Hunt’s Have I Been Pwned? (HIBP) breach notification database. Continue reading Firefox Monitor starts tracking breached email addresses→