GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → coenjacobs → wp-haveibeenpwned

coenjacobs / wp-haveibeenpwned

Licence: other
Checks if the password for each WordPress user account has been compromised via haveibeenpwned.com

Programming Languages

PHP
23972 projects - #3 most used programming language

Labels

wordpress-pluginhaveibeenpwned

Projects that are alternatives of or similar to wp-haveibeenpwned

Firepwned
🙏 Checks Firefox saved passwords against known data leaks using the Have I Been Pwned API.
Stars: ✭ 69 (+165.38%)
Mutual labels:  haveibeenpwned
Passpwn
See if your passwords in pass has been breached.
Stars: ✭ 130 (+400%)
Mutual labels:  haveibeenpwned
Hibpofflinecheck
Keepass plugin that performs offline and online checks against HaveIBeenPwned passwords
Stars: ✭ 191 (+634.62%)
Mutual labels:  haveibeenpwned
Password Leak
A library to check for compromised passwords
Stars: ✭ 92 (+253.85%)
Mutual labels:  haveibeenpwned
Pw Pwnage Cfworker
Deploy a Cloudflare Worker to sanely score users' new passwords with zxcvbn AND check for matches against haveibeenpwned's 7.8+ billion breached accounts
Stars: ✭ 125 (+380.77%)
Mutual labels:  haveibeenpwned
Cr3dov3r
Know the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+6438.46%)
Mutual labels:  haveibeenpwned
Pwnedornot
OSINT Tool for Finding Passwords of Compromised Email Addresses
Stars: ✭ 888 (+3315.38%)
Mutual labels:  haveibeenpwned
Maltego-haveibeenpwned
Maltego integration of https://haveibeenpwned.com
Stars: ✭ 55 (+111.54%)
Mutual labels:  haveibeenpwned
Hibp
A composer package to verify if a password was previously used in a breach using Have I Been Pwned API.
Stars: ✭ 126 (+384.62%)
Mutual labels:  haveibeenpwned
Pwned
A command-line tool for querying the 'Have I been pwned?' service.
Stars: ✭ 161 (+519.23%)
Mutual labels:  haveibeenpwned
Haveibeenpwned lastpass
Check if your lastpass passwords have been pwned by someone
Stars: ✭ 96 (+269.23%)
Mutual labels:  haveibeenpwned
Lil Pwny
Fast, offline auditing of Active Directory passwords using Python.
Stars: ✭ 117 (+350%)
Mutual labels:  haveibeenpwned
Breach.tw
A service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Stars: ✭ 144 (+453.85%)
Mutual labels:  haveibeenpwned
Pwnedpasswordsdll
Open source solution to check prospective AD passwords against previously breached passwords
Stars: ✭ 71 (+173.08%)
Mutual labels:  haveibeenpwned
pass-audit
A pass extension for auditing your password repository.
Stars: ✭ 71 (+173.08%)
Mutual labels:  haveibeenpwned
Haveibeenpwned Zxcvbn Lambda Api
Deploy your own secure API to estimate password strength and check haveibeenpwned for known matches - HTTPS by force, server not required, fire and brimstone sold separately 🔥
Stars: ✭ 57 (+119.23%)
Mutual labels:  haveibeenpwned
H8mail
Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
Stars: ✭ 2,163 (+8219.23%)
Mutual labels:  haveibeenpwned
keepassxc-pwned
Check your keepassxc database against previously breached haveibeenpwned passwords
Stars: ✭ 25 (-3.85%)
Mutual labels:  haveibeenpwned
Hermes-Secure-Email-Gateway
Hermes Secure Email Gateway is a Free Open Source Ubuntu 18.04 or 20.04 Server based Email Gateway that provides Spam, Virus and Malware protection, full in-transit and at-rest email encryption as well as email archiving. It features the latest email authentication techniques such as SPF, DKIM and DMARC.
Stars: ✭ 35 (+34.62%)
Mutual labels:  haveibeenpwned
Password pwncheck
Kerberos / Windows AD / Linux PAM password change check against breached lists (HIBP), and other rules
Stars: ✭ 152 (+484.62%)
Mutual labels:  haveibeenpwned
View All Similar Projects ➔

Have I Been Pwned

This WordPress plugin checks if the password for each user account has been compromised via haveibeenpwned.com, as soon as the user logs in. This will never send the actual password of your users, but it rather fetches a list to do the check locally. If the users password appears to be compromised, the user will be notified via an admin notice.

How does this work?

When a user logs in, the first five characters of the hash made of a password are sent to the haveibeenpwned.com API. This API then returns a list of hashes of compromised passwords, all starting with the five characters provided. The check to see if the actual password used is on the list, is done locally and the password of the user is never being posted anywhere. Not even in hashed form.

What is haveibeenpwned.com?

The website haveibeenpwned allows everyone to easily search through compromised sets of data, often sourced from leaked or hacked data. This data often contains usernames, passwords, email addresses and other personal data. Troy Hunt is a well known security researcher and makes this data available for anyone to search and check if their data is potentially being compromised.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].