September 30, 2020

Have I Been Pwned is now open source project

2 min read

Have I Been Pwned (HIBP) is the most influential self-checking website for data breaches? Recently, the founder, Troy Hunt announced that it will be open source.

Through HIBP, individuals and companies can easily check whether their email addresses or passwords are exposed in the continuous outbreak of large and small data breaches, thereby preventing or reducing the risk of credential reuse.

Troy Hunt said in an online statement that turning the HIBP service into an open-source project will ensure that HIPB can be managed by multiple people instead of relying on him.

Currently, many services run by HIBP are provided by cloud service providers such as Cloudflare for free, and the open-source community and volunteers have also contributed a large amount of product code.

new encryption technologies splintering

“Linux password file”by Christiaan Colen is licensed under CC BY-SA 2.0

Earlier this year, an acquisition called the “Project Svalbard” failed, prompting Hunt to implement an open-source plan. “The code will be turned over to the public for the betterment of the project and frankly, for the betterment of everyone who uses it,” Hunt said.

The value of HIBP lies in the fact that Hunt himself collected a large number of data sets leaked by cybercrime, but until today, although these data sets have been changed hands and circulated on the dark web many times, the legality of possessing is still a gray area. Hunt himself stated that he has consulted experts including KPMG lawyers and welcomes all parties in the industry to put forward their views on the legality of HIBP data. So far, many large companies around the world, including technology companies, have basically recognized and welcomed HIBP’s services because HIBP can help them reduce the risk of account reuse.