‘Have I Been Pwned’ Is Going Open Source – Providing Full Transparency & the Ability for Anyone to Contribute in the Future

• ‘Have I Been Pwned’ has become too complex to be managed by a single individual, so it’s going open-source.
• The platform is one of the most secure and reliable ways to check your email address against a database of known data breaches.
• By going open-source, HIBP will depend on its community to further evolve the platform and make it as transparent as possible.

One of the most useful cyber-security tools is, without any doubt, ‘Have I Been Pwned.’ Launched in 2013, it’s still sticking to its primary focus – to allow anyone to check whether their email account has been affected by any breach. However, maintaining this tool has become overwhelming for its creator, who’s now promising to open-source the project.

The creator of ‘Have I Been Pwned’ is Troy Hunt, who’s now a Microsoft Regional Director, in addition to having many other roles. Via a freshly published blog post, Hunt notes that his commitment towards other projects has affected the cyber-security tool he launched years ago.

The first solution was to sell the platform, which turned out to be more complicated than initially expected. This is why HIBP is now ready to open its doors to a vibrant community of contributors.

To understand why this is such a huge deal, let’s remind you how HIBP works. In its essence, it tells you whether your email account has been affected by a breach. Once you provide your email address, HIBP checks it against its often-updated database, submitting a full report of compromised accounts and types of leaked information.

As you can expect, HIBP works without letting hackers know about compromised accounts. This is where “k-Anonymity” comes into play, designed by Troy Hunt and Junade Ali. Today, many companies are employing this technology, including LastPass, 1Password, Okta PassProtect, Apple, Google, and others.

Related Content: 2,000 NordVPN Users Affected by Credential Stuffing / StockX Breach Published on HIBP / 40 Million Wishbone Account for Sale on the Dark Web

Hunt also noted that HIBP’s code isn’t exactly elegant, meaning that the entire code-base can’t be uploaded to GitHub, as it requires to be optimized. Due to this reason, we don’t have a timeline of how HIBP plans to go open-source. We know that parts of the project will be made public, where Hunt intends to rely on the community to help him rectify any issues.

Even in its current form, ‘Have I Been Pwned’ is the best online source for checking your email address and user accounts’ security. Once the platform becomes publicly visible, it will also become fully transparent. As a result, this should help make the platform more useful and more privacy-friendly while ensuring that hackers are kept away.

Related Content: The Best Reasons to Go Open Source / Is It Possible to Go Completely Open Source / The Coolest Open Source Hardware Projects

Finally, we’d like to remind you to take proper care of your passwords, especially when it comes to creating new ones after a data breach. Here’s how to develop rock-solid passwords, in addition to using two-factor authentication.

Of course, you can also turn to password managers, which will make this process as easy as possible.