This is a non-IMPACT record, meaning that access to the data is not controlled by IMPACT. For access, see the directions below.

Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.

Summary

DS-1299
Pwned Passwords List
External Dataset
External Data Source
haveibeenpwned.com
Unknown
Unknown
56 (lowest rank is 56)

Category & Restrictions

Other
cyber crime, password security, cyber defense
Unrestricted
true

Description


Pwned Passwords are 555,278,657 real world passwords previously exposed in data breaches. This exposure makes them unsuitable for ongoing use as they're at much greater risk of being used to take over other accounts.

The entire set of passwords is downloadable with each password being represented as either a SHA-1 or an NTLM hash to protect the original value (some passwords contain personally identifiable information) followed by a count of how many times that password had been seen in the source data breaches. The list may be integrated into other systems and used to verify whether a password has previously appeared in a data breach after which a system may warn the user or even block the password outright.

Additional Details

N/A
false
Unknown
passwords, pwned, list, pwned passwords list, 1299, source, external data source, inferlink corporation, corporation, inferlink, external, breaches, exposed, 657, real, exposure, unsuitable, 555, ongoing, accounts, 278, risk, password, user, sha, warn, personally, system, ntlm, hash, count, represented, other, entire, integrated, times, appeared, systems, identifiable, verify, outright, block, protect, breach, original, downloadable