Optimising Caching on Pwned Passwords (with Workers)

In February 2018, Troy Hunt unveiled Pwned Passwords v2, a database containing over half a billion real-world leaked passwords to combat modern threats against password security. To support this project, Junade Ali built a k-Anonymity model that enhances caching by mapping multiple leaked password hashes to a single hash prefix and is performed in a deterministic HTTP-friendly way. Since its launch, Pwned Passwords has been implemented across various platforms such as EVE Online, Kogan, 1Password, Okta's PassProtect, and Firefox Monitor. The anonymity model allows for enhanced caching by mapping multiple leaked password hashes to a single hash prefix and is performed in a deterministic HTTP-friendly way.