Reversing hashes of PwnedPasswords api using number of breaches


I was recently working on a requirement to log the number of breached sites a password appeared on when customers were registering (if that password had been breached at all) Importantly, we are not logging the breached password itself (nor the hash of the password) – just the number of breaches that particular password appeared in (as per the Pwned Passwords data set) So, to log this, I’m...