Security noteFor security reasons, this form only accepts your email address (not your username).
Once you submit this form, the reset link send to you will be valid for 1 hour only.
It seems like this is the first time you visit this site (or you wiped your cookies)!
Because of that, you are now seeing this little pop-up!
This site is one of the few sites that gives you the ability to customize a things.
Just enable or disable things below as you wish and hit "I'm done".
Note: In order to ensure proper function of the site, I ask you to disable any adblocker you may have.
Since you can disable stuff like analytics in this screen, there is no real reason to have it running (outside of causing potential issues).
These cookies include:
- Session cookies
- Settings cookies
For analytics, I use a custom, fully open-source solution that hooks directly into my CMS, Admiral.
By doing this, I can keep your data on my own servers instead of having it hang around at third-party providers (whom will use it to track you and sell you stuff) while also being able to offer full transparency about what I do with the data I gather..
Once you leave my site, my website won't track you.
All data obtained is data that are being sent by the client during a request anyways.
Ofcourse, I do understand that you might not want to be tracked at all, therefore, I allow you to completely disable my analytics as long as you want!
HIBP is a project started by Troy Hunt that provides anyone a free resource to quickly assess if they have been put at risk of having their accounts being compromised (or "pwned" as IT people call it).
Passwords are everywhere and websites can be breached.
Unfortunately, you are often the victim of these breaches, even if you don't know it.
Your login credentials, email address, personal details and sometimes even credit card details are all at risk when these breaches occur.
Thanks to HIBP, I am often aware of these breaches before any real damage can be done.
By enabling this option, you give my website the permission to send the first five (out of 40) characters of a hashed version of your password to the HIBP API.
This data is enough information for them without exposing the entire hash to HIBP.
In term, HIBP will return a list of anonymized data (using k-anonymity) after which my website will have a look in the results to see if the complete hash of your password has been found.
If it's found, I'll be able to give you a heads-up.
Because (for security reasons) my website doesn't store your password in plaintext, my website is only able to check your password under the following circumstances:
- You register (you'll be instantly informed)
- You login (you'll be informed by mail)
- You reset/change your password (you'll be instantly informed)
Please do note that after you register, disabling this setting will disable login checks on this client only.
This means that if you disable this setting on (for example) your phone but not your desktop, the login check will still happen on your desktop.
This behaviour might change in the future.
If you decide to opt-out of this feature, we won't send anything to HIBP and you won't get informed in case your password is compromised.