Opened HaveIbeenpwned Password Check Service

Troy Hunt ( Troy Hunt ) Have i been pwned? ” (haveibeenpwned.com) performing an inspection based on a base of 11.2 billion accounts kidnapped as a result of hacking of 538 sites. Initially, the intention to open the project code was announced in Last August, but the process was delayed and the code is published only now. Service code is written in C # and published under a BSD license. The project is planned to develop with the involvement of the community at Patronage Non-Profit Organization .NET Foundatuon.

Simultaneously announced the start of the cooperation of the HaveibeenPwned project with the US federal bureau, which expressed his willingness to transfer information about compromised passwords detected as a result of investigations. For example, during the fight against botnets, the FBI often faces password bases used in malware for attacks. Interest in the transfer of information to the HaveiBeenPwned service is associated with the desire to obtain a single point for checking compounded accounts. Password information is planned to be transmitted in the form of SHA-1 and NTLM hash. To organize an automated password transmission channel, a special API will be developed.

/Media reports.