Have I Been Pwned Archives - darrenjrobinson - Bespoke Identity and Access Management Solutions

April 2, 2025April 2, 2025

A Have I Been Pwned MCP Server for Claude

Model Context Protocol (MCP) is a powerful framework that extends AI clients like Claude and now VSCode with GitHub Copilot Agents with custom capabilities. Think of MCPs as plugins that give AI assistants new abilities – they can interact with APIs, access specific data sources, or perform specialised tasks that aren’t part of their base functionality.… keep reading

February 28, 2019November 10, 2020

Azure AD/Active Directory User Security Evaluation Reporter

During December 2018 – February 2019 Microsoft have run an online Microsoft Graph Security Hackathon on Devpost.

The criteria of the hackathon was;

Build or update a functioning Microsoft Graph-powered solution that leverages the Microsoft Graph Security API

Following the announcement of the Hackathon I was encouraged by Kloud management to enter. … keep reading

August 10, 2017August 13, 2020

UPDATED: Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager

Microsoft Identity Manager - Have I Been Pwned

Earlier this week I posted this blog post that showed a working example of using a custom Pwned Password FIM/MIM Management Agent to flag a boolean attribute in the MIM Service to indicate whether a users password is in the pwned passwords dataset or not.… keep reading

August 8, 2017August 13, 2020

Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager

Pwned Password Identification with Microsoft Identity Manager

Update: An element of this solution details checking passwords online (using the Have I Been Pwned API). Troy explains succinctly in his blog-post announcing the pwned passwords list why this is a bad idea. If you are looking to implement the concept I detail in this post then WE STRONGLY recommend using a local copy of the pwned password list.… keep reading