Skip to content

General

101 results found

  1. Split up breach listing page

    This page:
    https://haveibeenpwned.com/PwnedWebsites#Facebook
    Is surprisingly difficult to browse on mobile, because it's so very long.
    The anchor link doesn't seem to always take you to the right section, because of the page length, at least on mobile. On desktop, it works fine though.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Show me an example of the response that is received when a phone number is sent to the breachedaccounts api endpoint

    I am working on an application - I am unable to find a number that was in a breach. Can you please provide me an example response when a phone number is queried to the breachedaccounts api. I just need to look at the structure and the keys

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. "Leak date" column in spreadsheet

    It would be better if the spreadsheet with the leak records had a "leak date" column.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. Add SSH leaked keys

    We believe the future of credentials checking goes beyond just password, and integrating SSH key checking would add lots of value to www.haveibeenwned.com.
    SSH keys are also sensitive credentials that are increasingly exploited by attackers in our research findings. We are willing to share our up-to-date SSH leaked key database with www.haveibeenwned.com.

    92 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Indicate which data classes were compromised for each record in a breach

    So yeah, when testing an email-address, if should be made clear in the returned results whether the full data (name, physical address, email) or only the email-adress was leaked.
    This is important because the ledger hack is more serious than many other to the security of those leaked.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Notify email owner by phone text message

    Offer the flexibility for a user to enter all email addresses owned by the user along with a mobile number through which the user gets notified if any of the listed emails are pwned.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Showing results via Mail

    I think it is a matter of privacy what services (that were breached) I used. This site allows me to type in any e-mail I know and to verify whether or not the person did use a special service. It might seem that this information is not too big of a deal, still I'd consider it private. So my suggestion is that the services only sends back a link to the email that shall be checked and provides the results there.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. 1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. Paypal option to pay API key

    Not everyone has a creditcard. Should be nice if I can pay the API key with paypal :)

    13 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Unsubscribing partial domain email breach notification with multiple domains

    If you register an email notification for multiple domains, you are notified for all domains.
    However, if at some point you no longer wish to be notified about one of the domains, it does not seem possible to unsubscribe from one of the domains only. (If you unsubscribe from both, and then re-subscribe to just 1 of the domains, it seems like your previous multi-domain account with the same email is reactivated, and multiple domain notifications are again emailed.)

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. For each of the download files, can you make available a sample file with 100 rows?

    Instead of downloading the large file to see the file format, I would like to download a 100-row example. This would save bandwidth and allow someone to experiment with integrating the database into an app without having to download the very large example.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. Add hover text to define "paste" and "paste accounts" on home page

    I had to hunt around in About to learn what these were.
    Thank you,
    --Ben

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Internationalized domain name

    Domain search verifying by email : domains with umlauts get not an email without any error message. Of course, if you convert domain name from IDN into ACE string before you enter it works.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. Google Analytics?

    I'm a European Data Privacy Officer and in my applications I don't allow any tracking cookies. Can you prove a - maybe paid - service without Google Analytics?
    Thanks
    Bernd

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. add a webhook option for domain breach notifications.

    In addition to notifications via email, add a webhook option to be notified when your domain appears in the data breach list.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Add the “Notify Me” element to API functionality

    Add the “Notify Me” element to API functionality so that people can be automatically added to the monitoring (as well as the one off checks)

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. Add date stamps to each breach listed on the home page

    So visitor can quickly grasp how up-to-date your data is.
    Thank you,
    --Ben

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. Due diligence search on prospective service domains

    Add the ability to search for historical breach information against a prospective service domain (Facebook, linkedin, firefly.ai) that may have been breached. This feature would be very handy as part of a due diligence operation prior to using that service

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. An API call that returns both paste and breach information for a given account

    This may be related to rate limiting, but it would be nice if I didn't have to make two calls to get both the paste and breach information for an account.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. add icons for passwords and credit card numbers in report

    Since breaches of passwords and credit card numbers are so much worse than any other breaches, it would be great if you added icons to the Pwned sites column in the report. That is it would say:

    Adobe, Forbes🔑, Vodaphone💳, Zomato🔑

    This allows people to focus on the most important issues first. Dates would help in this regard:

    Adobe 2013, Forbes🔑2014, Vodafone💳2013, Zomato🔑2017

    This isn't adding any information you don't already have, just making it more convenient.

    (The emoji are 🔑 U+1F511 or🗝️ U+1F5DD and 💳 U+1F4B3.)

    Thanks for providing this great service!

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?

General

Categories

Feedback and Knowledge Base