esolitos / pwnedpasswords
Generic service to query Troy's pwnedpasswords.com service.
Installs: 64 881
Dependents: 0
Suggesters: 0
Security: 0
Stars: 8
Watchers: 1
Forks: 1
Open Issues: 2
Requires
- guzzlehttp/guzzle: ^6.2 || ^7.0
Requires (Dev)
- phpunit/phpunit: ^7.0
This package is auto-updated.
Last update: 2025-02-07 17:27:30 UTC
README
Generic php service built to query Troy Hunt's https://pwnedpasswords.com API service and let you know how "broken" is your password, without actually sending your password.
More info about this on Troy's first blog post (about Pwned Passwords v1), the follow up post (about v2, the version used by this library) and finally the post on Cloudflare blog (in which k-anonymity is explained in depth).
Installation
Via composer: composer require esolitos/pwnedpasswords
Usage
The usage is very simple, just create the object and call
$mySafePassword = 'p@ssword'; $validator = Esolitos\PwnedPasswords\PwnageValidator(); $pwnedCount = $validator->getPasswordPwnage($mySafePassword); print_r($pwnedCount) > 47205
Bonus points: Drupal module
This library was initially built for the drupal module: Pwned Passwords