Have I Been Pwned
  • 24 Mar 2022
  • 1 Minute to read
  • Dark
    Light
  • PDF

Have I Been Pwned

  • Dark
    Light
  • PDF

Have I Been Pwned is a website to check whether email accounts have been compromised in a data breach.

The Enrich User Data by Have I Been Pwned (HIBP) adapter uses the HIBP API to provide information on breaches, pastes and pwned password identified by the 'Have I Been Pwned' (HIBP) website for a given email account.

NOTE
For details on the breaches, pastes and pwned password identified by 'Have I Been Pwned' (HIBP) API, see HIBP API.

The Have I Been Pwned adapter connection requires the following values:

  1. Have I Been Pwned Domain - Specify the Have I Been Pwned (HIBP) domain or use the default configured HIBP public domain. This allows you to use the domain of a proxy instead of connecting directly to the server using the default domain of https://haveibeenpwned.com.
  2. API Key - Use the API key you purchased from 'Have I Been Pwned'.
  3. Account Email - Specify a specific email account (e.g. axonius@axonius.com).
NOTE
To run the HIBP query against multiple Account Emails, you must use the Enrich User Data with Have I Been Pwned Enforcement Center action.
  1. Verify SSL - Choose whether to verify the SSL certificate of the server.
  2. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

have ibeen pwnd.png


What's Next
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.