Have-I-Been-Pwned

SleePy · March 01, 2022, 03:01:12 PM

This enables checking passwords against the Have-I-Been-Pwned database. Passwords are only checked on registration and when changed on the profile.

Additionally this can attempt to check the password from the browser using the same API

SMF 2.1.0 or higher only! PHP 7.3 or higher only

Shades. · March 01, 2022, 05:39:22 PM

Nice!

What's the differences between "Enable Server based Have-I-Been-Pwned Checks" and "Enable Client based Have-I-Been-Pwned Checks" and should I have them both checked?

SleePy · March 04, 2022, 10:29:37 PM

Server side will have the server submit the checks to the api. While client side will let the browser submit the checks. The client side thus can do a more real time check while the server side is performed upon submission. You can run both.

Shades. · March 05, 2022, 04:43:30 AM

Quote from: SleePy on March 04, 2022, 10:29:37 PMServer side will have the server submit the checks to the api. While client side will let the browser submit the checks. The client side thus can do a more real time check while the server side is performed upon submission. You can run both.

Ok thanks! Nice mod!

News:

Have-I-Been-Pwned

SleePy

Shades.

SleePy

Shades.