Back in 2013, I was beginning to get the sense that data breaches were becoming a big thing. The prevalence of them seemed to be really ramping up as was the impact they were having on those of us...

The very first feature I added to Have I Been Pwned after I launched it back in December 2013 was the public API [https://www.troyhunt.com/have-i-been-pwned-you-can-now-ask-api/]. My thinking at the...

Let me just cut straight to it: I'm going to open source the Have I Been Pwned code base. The decision has been a while coming and it took a failed M&A process to get here, but the code will be...

It was Jan last year that I suggested HTTPS adoption had passed the "tipping point" [https://www.troyhunt.com/https-adoption-has-reached-the-tipping-point/], that is, it had passed the moment of...

Last August, I launched a little feature within Have I Been Pwned [https://haveibeenpwned.com/] (HIBP) I called Pwned Passwords [https://www.troyhunt.com/introducing-306-million-freely-downloadable...

A decade ago to the day, I published a tweet launching what would surely become yet another pet project that scratched an itch, was kinda useful to a few people but other than that, would shortly...

The situation in Minneapolis at the moment (and many other places in the US) following George Floyd's death [https://en.wikipedia.org/wiki/Death_of_George_Floyd] is, I think it's fair to say,...

Be healthy and safe

I often write up analyses of the passwords disclosed in website breaches. For example, there was A brief Sony password analysis [https://www.troyhunt.com/2011/06/brief-sony-password-analysis.html]...

Startup says customer genetic information, health records not affected

If you're reading this, chances are you've arrived here from a link I sent you via email. That email would have been a reply to one you originally sent to me that would have sounded something like...

I've got 2 massive things to announce today that have been a long time in the works and by pure coincidence, have aligned such that I can share them together here today. One you would have been...

It's a great time for HTTPS. Actually, there's never been a better time and as each day goes by, we see constant reminders of how important it is. Someone sent me a great example of this just the...

Only a couple of weeks ago, there were a lot of news headlines about how Germany had banned an internet-connected doll called "Cayla" over fears hackers could target children [http://www.telegraph....

I have been, and still remain, a massive proponent of "the cloud". I built Have I Been Pwned [https://haveibeenpwned.com/] (HIBP) as a cloud-first service that took advantage of modern cloud paradi...

New research shows an alarming new way to track web usersNearly every web browser now comes with a password manager tool, a lightweight version of the same service offered by plugins like LastPass...

Mozilla engineers are working on a notifications system for Firefox that shows a security warning to users visiting sites that have suffered data breaches.

LastPass had an issue the other day [https://blog.lastpass.com/2017/03/security-update-for-the-lastpass-extension.html/] , a rather nasty one by all accounts that under certain (undisclosed) circum...

Update: Twitter has rather belatedly confirmed that a hacker was able to expose the account details, though the company has...

> Patience. Frugality. Sacrifice. When you boil it down, what do those three things have in common? Those are choices. Money is not peace of mind. Money’s not happiness. Money is, at its essence,...