1 vote

Check emails and password haveibeenpwned

Use the haveibeenpwned.com API to check the user emails and/or passwords have not been part of a breach.

Note: This will require setting up an intermediary API endpoint, since not possible to hide the HIBP key in the plugin.

ref: https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/

Lars Koudal shared this idea

Leave a Reply

Your email address will not be published. Required fields are marked *

20% OFF

Subscribe to our newsletter

* We do not spam or share your email

Discount on any Security Ninja plan

and get

Hi and welcome back :-)