Have I Been Pwned

These real world experiences with Azure are now available in the Pluralsight course "Modernizing Your Websites with Azure Platform as a Service" [http://www.pluralsight.com/courses/modernizing-websites-microsoft-azure]How much capacity will you need for your app? Or asked another way if wearing the vendor hat, how much money ya got? We’re generally lousy at estimating infrastructure capacity requirements and even when a more scientific approach is taken (and it’s frequently not), we’re still l...

These real world experiences with Azure are now available in the Pluralsight course "Modernizing Your Websites with Azure Platform as a Service" [http://www.pluralsight.com/courses/modernizing-websites-microsoft-azure]I was helping out a consumer of Have I been pwned? [https://haveibeenpwned.com/] (HIBP) earlier today as they were trying to build up a profile of the pwnage state of their client base. This mean firing a heap of requests at the API [https://haveibeenpwned.com/API/v2] so that they...

These real world experiences with Azure are now available in the Pluralsight course "Modernizing Your Websites with Azure Platform as a Service" [http://www.pluralsight.com/courses/modernizing-websites-microsoft-azure]No really, they’re totally awesome! I used Azure WebJobs [http://azure.microsoft.com/en-us/documentation/articles/websites-dotnet-webjobs-sdk-get-started/] in the very early days and whilst they served a purpose, I wasn’t blown away with them at the time. In fact I went on to use...

For the past year and a bit I’ve been building out features on Have I been pwned? [https://haveibeenpwned.com/] (HIBP) in response to things I think would be awesome and things I’m asked for. I’m constantly surprised at the ways people have found to use the data for good, which is a nice twist given that the data normally comes from very unpleasant circumstances. For some ideas on how the data has been used, have a look at the API consumers page [https://haveibeenpwned.com/API/Consumers]: variou...

These real world experiences with Azure are now available in the Pluralsight course "Modernizing Your Websites with Azure Platform as a Service" [http://www.pluralsight.com/courses/modernizing-websites-microsoft-azure] Remember the good old days when a website used to be nothing more than a bunch of files on a web server and a database back end? Life was simple, easy to manage and gloriously inefficient. Wait – what? That’s right, all we had was a hammer and we consequently treated every challen...

As feature releases go, this is not exactly a killer, but to my surprise it was one that was requested quite frequently. It turns out that people really wanted to be able to keep abreast of new breaches and pastes in Have I been pwned? [https://haveibeenpwned.com/] (HIBP) via RSS. Not only is that a perfectly reasonable request, but it was also an easy one to get on top of so here it is! There are two RSS feeds both linked in from various places on the site including in the navigation. For your...

As I’ve written in the past [https://www.troyhunt.com/2013/12/micro-optimising-web-content-for.html], I put an awful lot of effort into making Have I been pwned? [https://haveibeenpwned.com/] (HIBP) fast. Not just a bit fast, blisteringly fast and that includes when it’s under a huge amount of load [https://www.troyhunt.com/2014/09/10-things-i-learned-about-rapidly.html]. But there was something bugging me with the site when it came to performance and it was this: That’s right, 33 images loa...

I imagine this is what it’s like when one of your kids gets old enough to finally beat you at something you’ve poured your heart into teaching them. Yes, I’m proud and it’s awesome that it has turned out so well, but I was still a little disappointed to get this the other day: This came totally out of the blue for me which, of course, is exactly how it’s meant to work. If all this is unfamiliar to you, this is the paste monitoring feature of “Have I been pwned?” (HIBP) which I launched last m...

These real world experiences with Azure are now available in the Pluralsight course "Modernizing Your Websites with Azure Platform as a Service" [http://www.pluralsight.com/courses/modernizing-websites-microsoft-azure]This is not what you want to see on your Azure website: Ok, so what are we looking at here? CPU goes up and up and up and then… dramatically down. There are even some additional coloured lines in the middle of that graph indicating that there were more instances put on just to d...

I’ve got 174,451,409 breached accounts in Have I been pwned? [https://haveibeenpwned.com/] (HIBP) as of today which probably sounds like a lot, but it’s not. Why is it not a lot? Because whilst that list spans a lot of the big breaches I could get my hands on, as of the middle of this year (now a couple of months ago already), there were over half a billion accounts breached in just six months [https://www.riskbasedsecurity.com/2014/08/hacking-exposed-78-of-all-records-compromised-in-first-half-...