.

Healthy Passwords

.

.

New Website May Find Your Insecure Password Before Most Hackers Do

Date: 2011-11-04 23:04:54

Pwnedlist.com logo A new site, pwnedlist.com, now has spiders crawling the web looking for breached or vulnerable password lists. The site was created by Alen Puzic and Jasiel Spelman, two security researchers from DVLabs, a division of HP/TippingPoint.

According to the site's "learn" page, the site does not keep any email data submitted through queries (no phishing). The little they reveal about site architecture is great. We are big fan of Amazon Simple DB (SDB) and feel it's the one the least vulnerable database platforms a website can use.

For the truly skeptical, the site enables users to submit their email as an SHA-512 hash See what are hashes and rainbow tables.

We tested a known bad email from a recent hack and it did not show up in the database. In fairnmess, the same address was not found in shouldichangemypassword.com either.

The sites domain was registered in June 2011 under a proxy service, which is very common and does not raise any flags. The founder is a well respected and active member of the security community. All timelines on personal and business twitter feeds correlate properly. We started this article on November 1st, and submitted some questions to the website. In the three days that followed we've received no response, but at least dozen publications have reported on pwnedlist.com, including Brian Krebs and Kaspersky Labs.

Every indication points to pwnedlist.com being a great resource.

Related Stories

Kaspersky Labs ThreatPost has the only real interview with founder, Alen Puzic as of 04-Nov-2011.

Brian Krebs has a good article geared toward the more technical crowd.

Category: Breach

Subcategory: Authentication

blog comments powered by Disqus
McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

 Subscribe in a reader

.

Leaf

Leaf

Home | Live CD Listing | Password Worksheet | Third Party Ratings | Purchase | Errata | Contact | News | News Archive | Legal

Copyright © 2011, Sustainable Alternatives, LLC | Ligonier, PA 15658 | 724-238-9560 | All Rights Reserved.

 Sustainable Alternatives, LLC BBB Business Review
Leaf

.

Leaf