Have I Been Pwned
  • 24 Mar 2022
  • 1 Minute to read
  • Dark
    Light
  • PDF

Have I Been Pwned

  • Dark
    Light
  • PDF

Have I Been Pwned is a website to check whether email accounts have been compromised in a data breach.

The Enrich User Data by Have I Been Pwned (HIBP) adapter uses the HIBP API to provide information on breaches, pastes and pwned password identified by the 'Have I Been Pwned' (HIBP) website for a given email account.

NOTE
For details on the breaches, pastes and pwned password identified by 'Have I Been Pwned' (HIBP) API, see HIBP API.

The Have I Been Pwned adapter connection requires the following values:

  1. Have I Been Pwned Domain - Specify the Have I Been Pwned (HIBP) domain or use the default configured HIBP public domain. This allows you to use the domain of a proxy instead of connecting directly to the server using the default domain of https://haveibeenpwned.com.
  2. API Key - Use the API key you purchased from 'Have I Been Pwned'.
  3. Account Email - Specify a specific email account (e.g. axonius@axonius.com).
NOTE
To run the HIBP query against multiple Account Emails, you must use the Enrich User Data with Have I Been Pwned Enforcement Center action.
  1. Verify SSL - Choose whether to verify the SSL certificate of the server.
  2. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

have ibeen pwnd.png


What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.