Have I Been Pwned is a website with a silly name and a serious mission: keep track of the various high-volume data breaches, collect all of them into a database, and let people see if their login has been compromised. Now the creator of the tool says he’s going to transition it into an open source project.
There will be several benefits to this, most obviously the ability for other security tools to automatically search the database of compromised logins and password. 1Password already does that, with LastPass implementing its own similar solution (though not using this specific tool). Once the open source transition is complete, anyone will be able to build that kind of automatic searching through the k-Anonymity database with an API.
HIBP creator Troy Hunt says he’s also enlisting the help of the open source community to clean up the rather messy code of the seven-year-old project, which was up for an acquisition at one point that has apparently fallen through. Hunt is also a director at Microsoft, in addition to being a well-respected security researcher and an /r/battlestations MVP. There’s no specific timeline for publishing the source code.