Have I Been Pwned, the go-to site for whether a password has been exposed in a security breach, has partnered with the FBI to further grow its database. Troy Hunt, the creator of the free resource, assures that this agreement will allow to proactively warn people who have been victims of data theft.
The FBI works on all kinds of digital investigations and plays a key role in the fight on issues such as child abuse, ransomware and terrorism o. Hunt explains that in the course of his investigations, compromised passwords are found . These end up being used by cybercriminals and do not come quickly to Have I Been Pwned to warn users.
With this association, Have I Been Pwned will be able to access a huge number of leaked passwords, in record time . However, the project requires a preliminary step so that the federal agency can insert this data on the site. To do this, HBP has been made open source through the .NET Foundation.
“The FBI reached out and we started a discussion about what it would be like to provide them with an avenue to enter compromised passwords in HIBP and expose them through the Pwned Passwords feature. Their goal here is perfectly aligned with mine and dare I say with the goals of most people reading this. “
Troy Hunt, creator of Have I Been Pwned
Have I Been Pwned is now an open source project
Have I Been Pwned After announcing the partnership with the FBI and the move to open source, Hunt is asking for community input. The idea is that a “way to enter compromised passwords in HIBP ” can be found. In the future it is hoped that other law enforcement agencies can contribute their findings.
Hunt also explains that “except for a donation”, all the costs of construction, operation and maintenance of the service have come directly from his pocket . However, the Microsoft Azure cloud service has allowed him to host it “without spending too much money.”
Deputy Director of the FBI Cyber Division, Bryan A. Vorndran, said: “We are excited to partner with HIBP on this important project to protect victims of online credential theft. It is another example of the importance of partnerships. public-private in the fight against cybercrime “.
