/plushcap/analysis/cloudflare/optimising-caching-on-pwnedpasswords

Optimising Caching on Pwned Passwords (with Workers)

What's this blog post about?

In February 2018, Troy Hunt unveiled Pwned Passwords v2, a database containing over half a billion real-world leaked passwords to combat modern threats against password security. To support this project, Junade Ali built a k-Anonymity model that enhances caching by mapping multiple leaked password hashes to a single hash prefix and is performed in a deterministic HTTP-friendly way. Since its launch, Pwned Passwords has been implemented across various platforms such as EVE Online, Kogan, 1Password, Okta's PassProtect, and Firefox Monitor. The anonymity model allows for enhanced caching by mapping multiple leaked password hashes to a single hash prefix and is performed in a deterministic HTTP-friendly way.

Company
Cloudflare

Date published
Aug. 9, 2018

Author(s)
Junade Ali

Word count
1538

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.