Jump to content

PasswordState compatibility with Pwnage check?


bcloud

Recommended Posts

After ArsTechnica's release of this article (https://arstechnica.com/information-technology/2018/02/new-tool-safely-checks-your-passwords-against-a-half-billion-pwned-passwords/) has caused my manager to ask if PasswordState would be getting support for a security check comparable to what is available through https://haveibeenpwned.com/

 

This seems like it could be a pretty good idea. 

Link to comment
Share on other sites

  • 3 weeks later...

Hi support,

 

It's quite simple. I hacked it into an open source Active Directory password filter I work on from time to time over a case of beer last night.

 

If you are also using C#, you may find my implementation a useful starting point, or more likely - an example of exactly how not to do it. :)

 

It's a little rough because I'm a secadmin with a coding habit, and well, the beer, but you are welcome to it: 

 

https://github.com/brockrob/OpenPasswordFilter/blob/master/OPFService/PwnedPasswordsAPI.cs

 

Regards,

Rob

Link to comment
Share on other sites

  • 5 months later...

Hey Everyone,

 

We should have reported back here some time ago, but we now do have integration with have I been Pwned.  You'll find this option under the Bad Passwords section of the Admin area.  Hopefully you have already heard about this and sorry for not reporting back to this thread when we first introduced this feature.

 

Support.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...