Is anybody using this private key?

by black6 on 7/4/2025, 2:51 PM with 53 comments
  • by qualeed on 7/4/2025, 3:31 PM

    "256 bits AES Encryption" should really have a "Military Grade" stamp on it. Perhaps with a metal background and some rivets or whatever for emphasis.

  • by gnyman on 7/4/2025, 4:54 PM

    I'm confused by this one. It says it's a joke but it still submits the key to a server.

    These joke pages have been around since http://ismycreditcardstolen.com/

    And I even made my own version https://hasmypasswordbeenstolen.net/

    The difference is that neither the original nor mine actually submits the secret to the server. I went to great lengths to avoid actually doing it, it's still a bad idea to send a password to my page but at least you can check the source and network traffic and see that it's only checked with JavaScript and a hash is checked against the HIPB password site.

    This supposed joke site sends and processes the key on their backend. At least it looks like that, I have not tried with a real key.

  • by ivanjermakov on 7/4/2025, 3:41 PM

    > Guys this is just a meme website. Please do not submit your real private key and do not report phishing.

    Exactly what a phishing website would say.

  • by BenjiWiebe on 7/4/2025, 3:43 PM

    Cloudflare's 1.1.1.1 for families blocks this is phishing. No sense of humor I guess?

  • by DonHopkins on 7/4/2025, 3:57 PM

    Nicely done! It worked flawlessly for me the first time. Does this support bulk upload?

  • by ignoramous on 7/4/2025, 3:32 PM

    Do not give out your private keys anywhere except where they're needed. They are meant to be private for a reason.

    If this service was serious, it'd instead rely on fingerprints (sha256/sha512) and not the key itself.

  • by thasso on 7/4/2025, 4:53 PM

    Wait why did it say the key was unused when I submitted the first time, but now it shows the key is already taken?

  • by smidgeon on 7/4/2025, 3:28 PM

    Thank goodness, now I know my private keys have not been leaked ...

  • by alberth on 7/4/2025, 4:01 PM

    Instead of HaveIbeenPwned.com, maybe the name of this site should be HaveIbeenKeyed.com

  • by ghusto on 7/4/2025, 6:23 PM

    The word you're looking for is "joke" not "meme", but that isn't hip enough, right?

  • by TheRealPomax on 7/4/2025, 4:25 PM

    If this is just a meme website, just... take it back down? People are dumb, they are going to fill in real keys, and you knew this before you clicked "deploy".

  • by gblargg on 7/4/2025, 4:20 PM

    > Is anybody using this private key?

    They are now!

  • by nailer on 7/4/2025, 4:27 PM

    My private key came from Debian, they patched the issues reported by Valgrind and now OpenSSL is more secure than ever.

  • by joemazerino on 7/4/2025, 3:24 PM

    A "dumbass" counter on this site would be interesting.

  • by nullc on 7/4/2025, 6:10 PM

    Hey, that's not the wallet inspector...

  • by knowitnone on 7/4/2025, 5:39 PM

    Generate and send it every possible key

  • by actinium226 on 7/4/2025, 3:46 PM

    Hahahaha, this is hilarious!

  • by daft_pink on 7/4/2025, 9:59 PM

    I got invalid captcha :(

  • by comrade1234 on 7/4/2025, 3:42 PM

    lol. You're kidding me...