This would vastly expand the database, and surface more compromised credentials with the Pwned Passwords search tool, giving more users information on whether they need to change their credentials. "Their goal here is perfectly aligned with mine and, I dare say, with the goals of most people reading this: to protect people from account takeovers by proactively warning them when their password has been compromised," Hunt said in his blog. "Feeding these passwords into HIBP gives the FBI the opportunity to do this almost 1 billion times every month. It's good leverage." The FBI will provide its passwords in SHA-1 and NTLM hash pairs, which aligns perfectly with HIBP's current storage arrangements. These will be fed into the system as they're made available, with the volume fluctuating depending on the nature of the investigations they're involved in at any one time.