Skip to content

I suggest you ...

← General

small 'best of' download files instead of full 10 gb...

in one of the recent blogs from you or cloudflare, it is talked that basically it would be best to deny all passwords with a count > 100 and warn on password > 20. would it be possible to create download files just for these (i think) like 10 mil records (all > 20)? that would make it easier to create a local repository database with a workable download size and working count. ... and ignoring the rare passwords which make up the largest bucket of your collection.

1 vote
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Lukas shared this idea  ·   ·  Report…  ·  Admin →
declined  ·  AdminTroy Hunt (CEO / Founder, Have I Been Pwned) responded  · 

You can easily do this yourself by pulling down the entire data set then just extracting all records within the threshold you’ve chosen. I don’t want to publish multiple versions of the same data at different thresholds, this is a very subjective decision and it can easily be extracted from the existing data,

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • AdminTroy Hunt (CEO / Founder, Have I Been Pwned) commented  ·   ·  Report

    Get a VPS for a couple of bucks, filter out the data, job done! If you don't have the means to do that then I suggest you're probably not running a service that will really benefit from defences against credential stuffing.

  • Lukas commented  ·   ·  Report

    ok, i understand. but it is just that not everybody has the means to download and open a 30 gb textfile and process files that large. but ok... :) thanks for the answer. and many thanks for the generall effort in the project in general!

General

Categories

Feedback and Knowledge Base

(thinking…)