>That list has been added to free online service Have I Been Pwned (HIBP).
>
>It lets anyone search through hundreds of millions of passwords to see if theirs is in the hands of criminals.
>
>Troy Hunt, the security researcher who runs the site, announced on Friday that it now has a “pipeline” function for law enforcement to add passwords they have recovered to the service.
>
>”The premise is simple,” he wrote in a blog post.
>
>”During the course of their investigations, they come across a lot of compromised passwords, and if they were able to continuously feed those into HIBP, all the other services out there using Pwned passwords would be able to better protect their customers from account takeover attacks.”
1 comment
That’s pretty cool.
>That list has been added to free online service Have I Been Pwned (HIBP).
>
>It lets anyone search through hundreds of millions of passwords to see if theirs is in the hands of criminals.
>
>Troy Hunt, the security researcher who runs the site, announced on Friday that it now has a “pipeline” function for law enforcement to add passwords they have recovered to the service.
>
>”The premise is simple,” he wrote in a blog post.
>
>”During the course of their investigations, they come across a lot of compromised passwords, and if they were able to continuously feed those into HIBP, all the other services out there using Pwned passwords would be able to better protect their customers from account takeover attacks.”
How did HIBP used to populate their databases?