Have I Been Pwned MCP Server
by Cyreslab-AI
This is a Model Context Protocol (MCP) server that integrates with the Have I Been Pwned API. It allows you to check if your accounts or passwords have been compromised in data breaches.
Last updated: N/A
What is Have I Been Pwned MCP Server?
The Have I Been Pwned MCP Server is a tool that connects to the Have I Been Pwned API to check for compromised accounts and passwords. It allows users to query the API through a Model Context Protocol (MCP) server, making it easy to integrate with applications like Claude.
How to use Have I Been Pwned MCP Server?
First, install the server using npm or Smithery. Then, configure the server in your MCP settings file, providing your Have I Been Pwned API key as an environment variable. Once configured, you can use natural language prompts with Claude to check email addresses, passwords, and get breach details.
Key features of Have I Been Pwned MCP Server
Check if an email address has been found in data breaches
Check if a password has been exposed in data breaches (using k-anonymity)
Get detailed information about a specific data breach
List all breaches in the system, optionally filtered by domain
Use cases of Have I Been Pwned MCP Server
Checking personal email addresses for breaches
Checking password strength and exposure
Investigating specific data breaches
Monitoring a domain for breaches
FAQ from Have I Been Pwned MCP Server
What is k-anonymity?
What is k-anonymity?
k-anonymity is a privacy-preserving technique used when checking passwords. Only the first 5 characters of the SHA-1 hash of the password are sent to the API, and the check is completed locally.
Do I need an API key to use this server?
Do I need an API key to use this server?
Yes, an API key is required for most features (except password checking). You can get one at haveibeenpwned.com/API/Key.
How do I configure the API key?
How do I configure the API key?
The API key should be provided as an environment variable named HIBP_API_KEY in your MCP settings configuration.
Where can I find my MCP settings file?
Where can I find my MCP settings file?
For Claude VSCode extension, it's in ~/Library/Application Support/Code/User/globalStorage/saoudrizwan.claude-dev/settings/cline_mcp_settings.json. For Claude desktop app, it's in ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or similar path on other platforms.
Is this server secure?
Is this server secure?
The password checking feature uses k-anonymity to protect your passwords. However, always ensure your API key is stored securely and avoid exposing it in your code.