Weekly Update 498

In this episode of Troy Hunt's Weekly Update Podcast, Troy dives into a recent data breach investigation using his automated Open Claw system, detailing how he extracts and verifies email addresses from a public hacking forum. He shares frustrations around managing enterprise customers who delay payments despite 30-day terms, highlighting a particularly egregious case where a subscriber remained six months overdue. This leads to a broader discussion about the operational challenges of running a small, customer-focused service like Have I Been Pwned (HIBP), including manual invoicing, reconciliation, and the emotional toll of chasing unpaid bills. In contrast, Troy celebrates major updates to HIBP, including the launch of a new tiered pricing model with Core, Pro, and High RPM plans, the introduction of k-anonymity for privacy-preserving searches, automated domain verification via API, and the addition of passkeys for seamless login. He emphasizes that these changes aim to streamline operations, reduce reliance on complex enterprise agreements, and improve user experience while maintaining security. Troy also reflects on the irony of Fortune 500 companies claiming they can't use credit cards—despite doing so routinely in everyday business—reinforcing his commitment to Stripe as the primary payment method. Key takeaways include: 1) Automating payment enforcement through Azure functions to cut off service for overdue invoices; 2) Restructuring HIBP’s pricing and plans to cap domain usage and discourage reselling; 3) Introducing passkeys for faster, more secure login without adding new security layers; 4) Prioritizing credit card payments via Stripe to avoid the overhead of invoicing and legal redlining; and 5) Using Cloudflare caching and asynchronous key validation to dramatically improve performance. Troy concludes with a passionate defense of his service’s values—simplicity, automation, and direct accountability—while acknowledging the emotional weight of running a mission-driven business in a world of complex corporate bureaucracy.