Have I Been Pwned MCP Server
by Cyreslab-AI
This MCP server integrates with the Have I Been Pwned API to check if accounts or passwords have been compromised in data breaches. It provides tools to check email addresses, passwords, and get breach details.
Last updated: N/A
What is Have I Been Pwned MCP Server?
The Have I Been Pwned MCP Server is a Model Context Protocol server that allows you to check if your email addresses or passwords have been compromised in data breaches using the Have I Been Pwned API. It provides a secure and convenient way to assess your online security.
How to use Have I Been Pwned MCP Server?
To use the server, you need to install it via Smithery or manually by cloning the repository, installing dependencies, building the server, and configuring it in your MCP settings file with a valid Have I Been Pwned API key. Once configured, you can use natural language prompts with Claude to check email addresses, passwords, and retrieve breach details.
Key features of Have I Been Pwned MCP Server
Check if an email address has been found in data breaches
Check if a password has been exposed in data breaches (using k-anonymity)
Get detailed information about a specific data breach
List all breaches in the system, optionally filtered by domain
Use cases of Have I Been Pwned MCP Server
Checking personal email addresses for breaches
Checking if a password has been exposed
Investigating specific data breaches
Monitoring a domain for breaches
FAQ from Have I Been Pwned MCP Server
What is k-anonymity?
What is k-anonymity?
K-anonymity is a privacy-preserving technique used when checking passwords. It sends only the first 5 characters of the SHA-1 hash of the password to the API, ensuring the full password is not transmitted.
Do I need an API key to use this server?
Do I need an API key to use this server?
Yes, an API key is required for most features (except password checking). You can obtain an API key from haveibeenpwned.com/API/Key.
How do I install this server?
How do I install this server?
You can install it automatically via Smithery or manually by cloning the repository, installing dependencies, building the server, and configuring your MCP settings.
Where do I configure the API key?
Where do I configure the API key?
The API key should be provided as an environment variable named HIBP_API_KEY in your MCP settings configuration.
What kind of data breaches can this server detect?
What kind of data breaches can this server detect?
This server can detect any data breach that is indexed by the Have I Been Pwned API.