Feature #178
Reject already-compromised passwords
| Status: | New | Start: | 2019-01-19 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assigned to: | - | % Done: | 0% |
|
| Category: | - | |||
| Target version: | - | |||
| Votes: | 2 |
Description
It is possible to use the HaveIBeenPwned password API to check if a proposed password has already been leaked:
https://haveibeenpwned.com/Passwords
The Panel could use this to reject new passwords if they are already known to be used/leaked.
History
Updated by admin over 6 years ago
- Subject changed from Reject already-compromsied passwords to Reject already-compromised passwords