General

  1. update the breached password list download again

    I noticed you stopped updating the download for breached passwords. I would like to continue to have an up to date data set to prevent users form choosing breached passwords but I will not use the API.

    I don't want the availability of something like registering for an account to be tied to an external service, nor do I want to slow the process down by waiting on an external API.I just want an up to date list to check locally and decide to accept or reject the password my user is trying to choose.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Display the Bitcoin Cash donation address as CashAddress

    On the donation page the Bitcoin Cash donation address is displayed in the old legacy format (1DQZe241VSm5VjY1YeAyiWQR5VFH3heCtJ).
    Most wallets (probably 100% of all user facing once) supports the CashAddress format (bitcoincash:qzypv5j3ce6g57x9te25lgx0z6af8ehz2c8tudzpaf in this case) and using the legacy format for bitcoin cash is discouraged due to a risk of sending to an invalid address.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. I reiceived an email that I'm in the Epik hack, but I have never had an account there so it seems something is off.

    I reiceived an email that I'm in the Epik hack, but I have never had an account there so it seems something is off with hibp?

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. Erroneous link to v2 API documentation

    On page https://haveibeenpwned.com/PwnedWebsites the link on the sentence "These are accessible programmatically via the HIBP API" still redirects to the deprecated v2.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Offer a direct link to an account's breaches

    It would be helpful if we could directly link to an account's breaches info.

    For example, using an URL like https://haveibeenpwned.com/#example%40example.com to directly open the pwned information for example@example.com.

    This would make it easier to integrate HIBP into other products without having to recreate the whole pwned information webpage.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Test accounts that always return the same results

    For unit testing purposes, to be able to be certain that the data from HIBP is parsed and stored in the application correctly.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Add API search for telephone number

    The current API allows the list of pwned accounts (email addresses and usernames) to be quickly searched via a RESTful service.

    Can you add the phone number search (based on your portal search for Facebook breach)?

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. 1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. Add an option to search breached accounts through a username

    And it could work that if there are multiple accounts using the same username then you for example can choose the one that's yours

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Search by email address domain?

    I have my own domain with a catch-all service. Every website I register get's a different mail address which makes it easier to block addresses that receive spam (after a leak) and to check if the sender is really the sender. Checking each mail address individually is time consuming, can I somehow check all mailaddresses ending with my specific domain?

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. automatation / ml / nlp for surfacing "sensitive" breach

    Curious about your thoughts on using some sort of automation / aggregation / ML to help classify what constitutes a "sensitive" breach, and also what the most up-to-date state of "sensitive breach" classification logic is.

    Would also be great to have an easy-to-find and up-to-date list of what those sites are.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. top list of worst passwords.

    Not sure how prevalent very popular passwords are, so Id suggest if possible, it would be a real nice feature to see the worst offenders in order of most reused.

    For instance "password", is its millions of instances actually #1 or is something else more prevalent?

    Seeing the worst of the worst in terms of commonality/instances of use would be a nice tool for average users to gauge just exactly how bad that "Password1!" workaround really is.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Being able to clear the history of breaches.

    I would love to be able to clear the breached websites that my email adress has. I think this would be a great addition to the opt-out feature.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. Cannot do payments from debit card for one time.

    You should add debit cards also in payment and upi.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. Opt-in / Change opt-out type

    It would be great to add opt-in / change opt-out type after user opted-out. For example, I started using 1password, so I would like to switch from "visible just to me" to "delete all previous breaches" so that I can get notification in 1password, resolve it and then "delete all breaches" again.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Provide further evidence to validate how secure this site is

    Given the fact a lot of users who come to this site may already be "super" worried about putting their email address "anywhere" online due to the fact they will have come to this site pretty much following a data breach story and / or because their own account has been compromised, without giving too much away to those that like to hack, would very much appreciate a way in which you could prove an email address is not stored for a user to feel relieved / happy they can use your site confidently and enter an email address.

    I…

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. Please. could you explain whats the meaning of "pwned" in English?, because y cant't find it in any english dictionary.

    Please. could you explain whats the meaning of "pwned" in English?, because y cant't find it in any english dictionary.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. Allow CSIRTs to be able to monitor their constituents domains

    CSIRTs use to monitor their customers domains in order to warn them about potential breaches, vulnerabilities and incidents related to them. It should be good to allow CSIRTs covering a large constituency (like national CSIRT, industry CSIRTs, Academic CSIRTs) to be able to monitor their constituents domains by accessing the info in a convenient way (by signing, for example, an NDA, compromise, etc)

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. V5 files contain seeded hashes?

    The latest V5 password files sorted by hash come up negative with all tested passwords. It looks like the hashes are seeded or non-standard. This applies to both SHA1 and NTLM files of version V5.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  12 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. 3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
← Previous 1 3
  • Don't see your idea?

General

Categories

Feedback and Knowledge Base