March 04, 2020 1:00PM
Pwned Passwords Padding (ft. Lava Lamps and Workers)
Starting today, we are offering a new security advancement in the Pwned Passwords API - API clients can receive responses padded with random data....
December 24, 2018 4:00PM
Mejoramos el tiempo hasta el primer byte de HTML
Rendimiento Cloudflare Workers Cloudflare Workers KV Passwords ServerlessEl tiempo hasta el primer byte (TTFB) de un sitio web es el tiempo desde que el usuario comienza a navegar hasta que el código HTML de la página que ha solicitado empieza a llegar....
December 20, 2018 1:00PM
Banking-Grade Credential Stuffing: The Futility of Partial Password Validation
Passwords SecurityRecently when logging into one of my credit card providers, I was greeted by a familiar screen. After entering in my username, the service asked me to supply 3 random characters from my password to validate ownership of my account....
February 26, 2018 12:04PM
Using Cloudflare Workers to identify pwned passwords
Passwords Developers Serverless Cloudflare Workers SecurityLast week Troy Hunt launched his Pwned Password v2 service which has an API handled and cached by Cloudflare using a clever anonymity scheme. The following simple code can check if a password exists in Troy's database without sending the password to Troy....
February 21, 2018 7:00PM
Validating Leaked Passwords with k-Anonymity
Passwords Best Practices SecurityToday, v2 of Pwned Passwords was released as part of the Have I Been Pwned service offered by Troy Hunt. Containing over half a billion real world leaked passwords, this database provides a vital tool for correcting the course of how the industry combats modern threats against password security....
More Posts