Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The domain search feature on haveibeenpwned is/was free. I registered my domain on haveibeenpwned back in 2017 and I got two emails about breaches, one in 2020 and another in 2022. I did not pay.


I wasn’t aware of this feature, but can confirm. Just tried and it is free.

Log into dashboard, under business there is a domains tab. Enter your domain there and verify ownership. Didn’t ask for payment.


But I can't find the old list of what address was affected where. I only see my own address.


I have 15 pwned email addresses. It's free for under 10.


It tells you that an address in your domain has been included in a breach. It doesn't tell you which address was included. That's what the OP and I are opining about.


It does. I just checked mine today. I can see exactly which individual email addresses in my domain where exposed and in which data leak. I have never paid for it.


Interesting. I'd love to see where you're seeing that. I'll go poke at the site a little more.

Edit: When I try to do a domain search I get told:

> Domain search restricted: You don't have an active subscription so you're limited to searching domains with up to 10 breached addresses (excluding addresses in spam lists).

My domain has 11 breached addresses.


I log in. Click on Business -> Domains. Then click on the looking glass under "Actions" on my domain. I can there see all my addresses an Pwned Sites.

But I think you are right, because I only have 3 breached addresses under my domain (I do see the 10 addresses wording under subscriptions)


Yep, if you have the good fortune of having many breaches while using companname@example.org, the service requires that either you pay up or you have to guess and check.

I understand, but it's frustrating.


It is only free if you have fewer than 10 pwned addresses.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: