The FBI is working with Have I Been Pwned and is handing over the leaked security codes it holds in its databases. Also the service HIBP control becomes open source.
Have I Been Pwned (HIBP), a website created and maintained by security researcher Troy Hunt, is one of top destinations to find out if email or code of your access, was part of a data breach.
Hunt, who is also Microsoft's regional security director, announced last night that makes the site open source so that other developers can contribute to the project and make it easier to find your compromised credentials. For the record, had announced his intention to sell it or make it available to other services.
As a first step, the Hunt Foundation and .NET make code unity accessopen source. The whole structure will not be done but only the Password modules. This page that essentially allows you to check if any of your passwords were part of a data leak.
In addition, HIBP is working with the FBI, which will help strengthen the database with its own set of compromised codes.
The FBI will share the passwords as hash pairs SHA-1 and NTLM, which can then be searched for using the service or obtained as part of the Pwned Password list.
The Pwned module password allows users to download passwords that have been compromised as SHA-1 or NTLM password lists, and can be used offline by Windows administrators to check if they are being used on their network.
Earlier this week, Hunt noted that the HIBP website is approaching 1 billion monthly requests for password and email identity leaks.
