I'm usually pretty easy to get hold of, here's how I use different channels to communicate with people and how best to contact me
Thanks for wanting to get in touch with me! I get a huge amount of communications so this page lists the channels I use and how I like to use them. I'll usually respond to all legitimate comms, there's an outline down the bottom of what I probably won't respond to so please read that first.
Have I Been Pwned: support.haveibeenpwned.com
If your query is about the paid subscriptions in HIBP, please refer to the support portal and submit a ticket there if necessary. Note: this service isn't for general HIBP queries outside of the paid subscriptions.
This is the easiest way if you want to reach out and I can usually respond pretty promptly.
This is my primary means of broadcasting things to the world so please follow me there. I do read my DMs and allow them from people I don't follow, but would prefer email if you're reaching out from the blue about something. I don't see every mention so you may not get a reply via a public tweet.
My background is pretty well covered for the last couple of decades there. I accept connections from people I've met, worked with, spoken with or otherwise had enough interaction to feel that I can call them a professional contact. I don't respond to requests from people I don't know.
I broadcast a bunch of stuff publicly so feel free to follow me there. I generally only accept friend requests from people I know well enough to invite into my personal life; I use this account for personal things so I'm somewhat selective about who I share that with.
If I'm scheduled to talk with you, find me on Skype via my email address. For anything else, please use email or Twitter, I keep Skype connections to those who really need to communicate over that channel.
Many people prefer XMPP for encrypted chat, I can be reached as firstname.lastname@example.org but aren't always monitoring it so ping me via email or Twitter if you think I've missed something.
It's straight forward, it's on mobile that's always with me so no setting up on other devices and it's easy for both text and voice.
I'm on Keybase with both my public key available and a bunch of identity proofs as well. If you absolutely must encrypt a message, use the key there.
What I'll definitely respond to
I'm happy to make comments to media on any breaking security stories, I usually like to talk.
Genuine queries about speaking at events will get a response, even if I can't accept the invite.
What I may not respond to
I try and respond to technical queries but would prefer you try asking on Stack Overflow first.
I probably won't respond to queries to check out your [insert awesome thing here] simply due to the volume of these requests I get.
If your message doesn't explicitly look like it needs a response or it's vague or not clear what the purpose is, you may not hear back from me.
If you're looking for data in a data breach (yes, even your own), read why I won't be able to help you before emailing me asking for data!
What I won't respond to
No, you cannot guest-post on troyhunt.com.
No, I will not promote your infographic for you.
No, I will not link to your [insert whatever you think is awesome here].
No, contacting me and asking "Can I ask you a question?" is already a question and won't result in me responding with "Yes, I don't know what your other question is but ask me anyway".
No, phrases like "I just wanted to bump this to the top of your inbox" and "maybe you didn't receive my earlier email" will not increase the likelihood of me responding - they guarantee you the opposite!