Have I Been Pwned 2.0: More speed & confetti
A revision of the "Have I Been Pwned" project provides more clarity and confetti for anyone who wants to know whether they have been affected by a data leak.
If you want to see whether your passwords have already been cracked
(Image: https://haveibeenpwned.com)
Troy Hunt's “Have I Been Pwned” project (HIBP) has been relaunched with new functions and effects. The central element, a field for entering the e-mail address, remains the same, but there are noticeable changes. Virtual confetti will appear for all those whose login details have not been leaked. Data leaks that have been found, on the other hand, are displayed chronologically in a timeline.
There is also a separate page for each data leak with information about the incident and recommended actions for those affected. In the future, the data will also be supplemented with further details, such as whether the service supports multifactor authentication or passkeys. In the future, the data leak page will contain more user- and country-specific information, for example from various cybersecurity authorities.
Dashboard for additional functions
In addition, all functions that require verification via an email address are bundled in a dashboard, including access to leaks, API key management and domain search. The search is performed on the client side and, according to Hunt, should be very performant even with large data sets.
Videos by heise
The search options for usernames and phone numbers have been removed from the homepage as they were only relevant for a few incidents, namely the Snapchat incident in 2014 and the Facebook incident in 2021. However, the function is still available to developers via an API. The website also uses Cloudflare's Turnstile and no longer Google's reCaptcha as an anti-bot solution.
(mack)
