Have-I-Been-Pwned

Started by SleePy, March 01, 2022, 03:01:12 PM

Previous topic - Next topic

SleePy

Link to the mod

This enables checking passwords against the Have-I-Been-Pwned database. Passwords are only checked on registration and when changed on the profile.

Additionally this can attempt to check the password from the browser using the same API

SMF 2.1.0 or higher only! PHP 7.3 or higher only

Jeremy D — Site Team / SMF Developer
Support the SMF Support team!
Profiles:GitHub
Join us on IRC Libera.chat/#smf

Shades.

Nice! 8)

What's the differences between "Enable Server based Have-I-Been-Pwned Checks" and "Enable Client based Have-I-Been-Pwned Checks" and should I have them both checked?
ShadesWeb.com - Custom Logos - My Themes on SMF | My Themes on ShadesWeb
https://shadesweb.com

BikerHound.com - Sniffing out the road ahead
https://bikerhound.com

Dream as if you'll live forever; Live as if you'll die today. - James Dean

SleePy

Server side will have the server submit the checks to the api.  While client side will let the browser submit the checks.  The client side thus can do a more real time check while the server side is performed upon submission.  You can run both.
Jeremy D — Site Team / SMF Developer
Support the SMF Support team!
Profiles:GitHub
Join us on IRC Libera.chat/#smf

Shades.

Quote from: SleePy on March 04, 2022, 10:29:37 PMServer side will have the server submit the checks to the api.  While client side will let the browser submit the checks.  The client side thus can do a more real time check while the server side is performed upon submission.  You can run both.
Ok thanks! Nice mod! 8)
ShadesWeb.com - Custom Logos - My Themes on SMF | My Themes on ShadesWeb
https://shadesweb.com

BikerHound.com - Sniffing out the road ahead
https://bikerhound.com

Dream as if you'll live forever; Live as if you'll die today. - James Dean

Advertisement: