We select and review products independently. When you purchase through our links we may earn a commission. Learn more.

Login Security Project ‘Have I Been Pwned’ Goes Open Source

Have I been Pwned image

Have I Been Pwned is a website with a silly name and a serious mission: keep track of the various high-volume data breaches, collect all of them into a database, and let people see if their login has been compromised. Now the creator of the tool says he’s going to transition it into an open source project.

There will be several benefits to this, most obviously the ability for other security tools to automatically search the database of compromised logins and password. 1Password already does that, with LastPass implementing its own similar solution (though not using this specific tool). Once the open source transition is complete, anyone will be able to build that kind of automatic searching through the k-Anonymity database with an API.

HIBP creator Troy Hunt says he’s also enlisting the help of the open source community to clean up the rather messy code of the seven-year-old project, which was up for an acquisition at one point that has apparently fallen through. Hunt is also a director at Microsoft, in addition to being a well-respected security researcher and an /r/battlestations MVP. There’s no specific timeline for publishing the source code.

Michael Crider Michael Crider
Michael Crider has been writing about computers, phones, video games, and general nerdy things on the internet for ten years. He’s never happier than when he’s tinkering with his home-built desktop or soldering a new keyboard. Read Full Bio »