Skip to content

Anonymous

← Customer feedback for Have I Been Pwned

My feedback

1 result found

  1. Enable search and notifications for email addresses using the "+" syntax

    2,646 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    117 comments  ·  General  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    An error occurred while saving the comment
    Anonymous commented  · 

    I'm not sure who loses information about where the breach came from. Could you clarify that?

    And I think that if you choose to implement a feature to check against these cases, you will have to do it on a provider by provider basis anyways. Like you mentioned earlier, some providers have different rules (I'll keep in mind that outlook also has this awesome feature).
    What about this?
    When checking out a breach, instead of just stripping when there's +syntax, you create another column, eg "base_email", and if the email uses + syntax and is from a provider that is known to use +syntax, assign a stripped version of the email, else just the normal email adress(or None)?
    And then later when you're sending out notifications, also check the base_email?

    An error occurred while saving the comment
    Anonymous commented  · 

    What if you just stripped everything after the "+" and maybe the dots, but only for gmail adresses?
    Since they're the largest email provider that actually ignores dots and everything after the plus(I think.)
    There is a possibility of getting multiple entries by doing so, because besides finding out who added you to a mailing list and filtering out, another use of the plus and dots is registering multiple accounts with the same email adres on 1 site.

Feedback and Knowledge Base

(thinking…)