Have I Been Pwned is now Open Source

May 29, 2021 Main

The primary function of Have I Been Pwned since it was launched is to provide the general public a means to check if their private information has been leaked or compromised. Visitors to the website can enter an email address, and see a list of all known data breaches with records tied to that email address. The website also provides details about each data breach, such as the backstory of the breach and what specific types of data were included in it.

Have I Been Pwned also offers a “Notify me” service that allows visitors to subscribe to notifications about future breaches. Once someone signs up with this notification mailing service, they will receive an email message any time their personal information is found in a new data breach.

Pwned Passwords is Now Open Source via the .NET Foundation

It’s a very simple codebase consisting of Azure Storage, a single Azure Function, and a Cloudflare worker.

It has its own domain, Cloudflare account, and Azure services so can easily be picked up and open-sourced independently to the rest of HIBP.

It’s entirely non-commercial without any API costs or Enterprise services like other parts of HIBP (I want community efforts to remain in the community).

The data that drives Pwned Passwords is already freely available in the public domain via the downloadable hash sets.

 There’s a Have I Been Pwned organisation in GitHub that has the following 2 repositories:

  1. Azure Function
  2. Cloudflare Worker

There’s a third repository in that organisation. Because there was so much enthusiasm over this 3D print earlier in the week, I’ve dropped the .stl into the 3D Prints repository so you can go and grab it and print it yourself

Check if your email or phone has been compromised by a data breach here: https://haveibeenpwned.com/