Troy Hunt

Alright folks, for those that would like to follow @haveibeenpwned on Mastodon, I've now set up an *official* account.

There are a bunch of fake ones around the place on other Mastodon instances, the legit one only follows my account and has a *verified* link through to the website.

Also, shoutout to me for temporarily breaking the website by linking through to the full Mastodon URL without properly escaping the @ symbol in the Razor syntax. It's been a big day πŸ˜…

Jan 6, 2023 at 2:54amWeb
Show threadShane BrennanJan 6, 2023
@troyhunt @haveibeenpwned thank you Troy. Much appreciated.
Show threadAlaric AloorπŸ•πŸŽβš½οΈπŸ₯ƒJan 6, 2023

@troyhunt @haveibeenpwned

πŸ™πŸΎ

Show threadMike LapidakisJan 6, 2023
@troyhunt This is fantastic - thank you!
Show threadJerry πŸ¦™πŸ’πŸ¦™Jan 6, 2023
@troyhunt welcome to the fediverse for real, @haveibeenpwned!
Show threadJason Elrod  Jan 6, 2023
@troyhunt @haveibeenpwned Welcome!
Show threadJeff the AlienJan 6, 2023

@troyhunt @haveibeenpwned

sometimes computers hurt

Show threadJonathan WilliamsJan 6, 2023
@troyhunt @haveibeenpwned Welcome :)
Show threadPeter MurrayJan 6, 2023
@troyhunt @haveibeenpwned Followed and alerts turned on. One less reason to go to the other site.
Show threadBlortβ„’ πŸ€β“‹πŸ₯‹β˜£οΈJan 6, 2023

@troyhunt
#HaveIBeenFediversed?
YES!!!

Ps. Nearly 1000 followers on an account without a single toot. Nice!
@haveibeenpwned

Show threadHeath StewartJan 6, 2023
@troyhunt @haveibeenpwned followed because you referenced it, but even after 5 hours from your OP, it's not showing verified. Has your fix been deployed? If so, you may need to edit the account profile in some way so Mastodon re-scans the link.
Show threadTroy HuntJan 6, 2023
@heaths @haveibeenpwned looks good here πŸ€·β€β™‚οΈ
Show threadHeath StewartJan 6, 2023

@troyhunt @haveibeenpwned may be that the app you're using is checking itself. My screenshot is from the web site. The Mastodon app for Android also doesn't show the green checkmark.

When I made similar changes to e.g., GitHub, I had to edit my profile to get it to rescan. This was based on advice from other posts on the topic.

Show threadJonathan Kamens 86 47Jan 6, 2023
@heaths @troyhunt @haveibeenpwned It's not showing up as verified for me either.
Show threadTroy HuntJan 6, 2023
@jik @heaths @haveibeenpwned geez, and some people complain about Twitter being flakey! Don't know what more I can do, looks fine everywhere for me:
Show threadJonathan Kamens 86 47Jan 6, 2023
@troyhunt @heaths @haveibeenpwned only advice I've seen is to remove the URL, save the profile, add the URL back, save it again.
Show threadHeath StewartJan 6, 2023
@troyhunt @jik @haveibeenpwned even in the web site? You could try changing the address (even invalid), save, then change it back and save again. If you're using apps they night verify it themselves. If the web site...that is strange.
Show threadTroy HuntJan 6, 2023
@heaths @jik @haveibeenpwned this is it right now:
Show threadJonathan Kamens 86 47Jan 6, 2023
@troyhunt @heaths @haveibeenpwned It's now showing up as verified on infosec.exchange when I open the original page but not on my instance. Not sure why, maybe a bug. 🀷 I don't think you should worry about it. Thanks for trying. πŸ‘
Show threadHeath StewartJan 6, 2023
@jik @troyhunt @haveibeenpwned Interesting. If I go to https://infosec.exchange/@haveibeenpwned I see it's verified as well. Do either of you not on fosstodon.org see 3 verified links for me? Maybe this is some cross-instance bug.
Show threadJonathan Kamens 86 47Jan 6, 2023
@heaths @troyhunt @haveibeenpwned Yours are working, I see checks.
Show threadTroy HuntJan 6, 2023
@jik @heaths @haveibeenpwned at a guess: I think Cloudflare is blocking the check from other Mastodon instances. I've got some fairly aggressive rules that I temporarily disabled while setting this up, will need to think about how to let verification checks through...
Show threadJonathan Kamens 86 47Jan 6, 2023
@troyhunt @heaths @haveibeenpwned Yeah, you need to leave access enabled for verification to work. Each instance verifies independently.
Show threadTroy HuntJan 6, 2023
@jik @heaths @haveibeenpwned hmm... if only there was some sort of centralised alternative that wasn't fragmented across various instances... 😜
Show threadJuan LuisJan 6, 2023
@troyhunt I see the verified link in your profile, but not in the @haveibeenpwned one πŸ€” am I missing something?
Show threadTroy HuntJan 6, 2023
@astrojuanlu @haveibeenpwned works on my machine
Show threadJuan LuisJan 6, 2023
@troyhunt @haveibeenpwned Looks like it, Mastodon glitches I guess. Thanks a lot! Won a follow :)
Show threadKaroline Jan 6, 2023
@troyhunt @haveibeenpwned awesome! I've been subscribed for years since I learned about it on Reply All. Thank you!
Show threadCodexNotFoundJan 6, 2023

@troyhunt @haveibeenpwned for those not seeing the verification badge on the site. I believe that's because your instance does the check automatically, but your instance does it at other moments than another instance. I can imagine that some instances only check once every 48 hours, where others might check more often.

To be sure, open the profile on their instance, in this case here: https://infosec.exchange/@haveibeenpwned

Show threadπŸ‡¬πŸ‡§Daron BrewoodJan 6, 2023
@troyhunt @haveibeenpwned Good news, now following!
Show threadChristos Matskas βœ…Jan 6, 2023
@haveibeenpwned @troyhunt followed. Thanks Troy
Show threadtuck Jan 6, 2023
@troyhunt @haveibeenpwned thank you!!!
Show threadOmar Hawwash Jan 6, 2023
@troyhunt ahhhh this is cooool!
Show threadTobias van BeekJan 6, 2023
@troyhunt @haveibeenpwned You can verify the link in the mastodon profile. That can result in more trust for this account.
Show threadπŸ™ƒ ɐıunp zsɐɯoΚ‡Jan 6, 2023
@troyhunt @haveibeenpwned Using HaveIBeenPwned is a must! Good to have you here, and respect for creating this tool πŸ˜‰
Show threadTwittodon.comJan 6, 2023
@troyhunt @haveibeenpwned I recommend using https://Twittodon.com to verify the connection between Twitter and Mastodon accounts πŸ˜‰
Twittodon.com - Connect your Twitter and Mastodon accounts and verify it!

Show threadHandgunYoga (he/him/his)Jan 6, 2023
@troyhunt @haveibeenpwned Thank you!
Show threadZulhilmi AsyrafJan 6, 2023
@troyhunt
Congrats for joining the Fediverse.
Show threadFuturist Jim CarrollJan 7, 2023

@troyhunt @haveibeenpwned

This is a siutation where domain-related #singleuser instances make sense.

The verification process is much more straightforward if you set up something like

[email protected]

with the verification link back to the site

That way, we'd have a quick look at the profile, see the link back to the site and go, oh, ok, its' good.

I think we will get there with a lot of brands/initiatives/software/platforms

Show threadShoq 🌿Jan 7, 2023

@troyhunt @haveibeenpwned

OFFS, was I pwned by a site that was supposed to tell me if I was pwned?

Show threadSkand HurkatJan 7, 2023
@troyhunt @haveibeenpwned No green tick on the website in the about page just yet, FYI.
Show threadJay Jan 7, 2023
@troyhunt @haveibeenpwned Those other haveibeenpwned accounts probably aren't intended to be fakes, but likely are mirroring the real account's Twitter posts. Glad to see those won't be needed anymore and happy to see you here.
Show threadjm3 β€’ John Manoogian IIIJan 7, 2023
@troyhunt @haveibeenpwned is it my client or does the haveibeenpwned url be n the bio NOT actually display as verified?
Show threadKevin Karhan Jan 12, 2023
@troyhunt @haveibeenpwned thx.