For almost a decade, Have I Been Pwned (HIBP) has become one of the most popular tools for check if our emails have been part of a data breach, and now its creator and manager, the security researcher Troy hunt, has decided to make it an open source project.
Hunt, who is currently serving as Microsoft's Regional Director, explained on his blog that the plans he started in August last year to start opening the code for the project had already been finalized. As of today, Have I Been Pwned is open source, and it will also have the collaboration of the FBI.
A database of billions of email addresses and phone numbers that will continue to grow
In the years that you have HIBP, it has grown so much that it harbors information on more than 11,000 million hacked accounts. One of the most recent additions to that database was the recent breach to Phone House customers in Spain, whose email addresses and phone numbers already appeared mostly on the site.
HIBP has become a reference in the world of cybersecurity, and thanks to the .NET Foundation, which has offered its support to Hunt, the project has been able to become open source. In addition, the collaboration of the FBI implies that they go to the website of Have I Been Pwned you will begin to receive a feed of leaked passwords discovered by the agency in its various investigations.
Hunt hopes this change will drive greater adoption of the service., both because of the transparency that the openness of the code base entails and because of the confidence that people can always "roll on their own" if they want to: "HIBP's philosophy has always been to support the community, now I want to get the community to help support HIBP. "
Have I Been Pwned is written in .NET and runs on Azure. You can now find the code on GitHub, under a Modified BSD license.
Cover photo | Troy hunt