Forbid Pwned Passwords Wordpress Plugin - Rating, Reviews, Demo & Download

Forbid Pwned Passwords Wordpress Plugin - Rating, Reviews, Demo & Download
No ratings yet
Free
Follow for free plugins, new theme releases and theme news

Plugin Description

Protect your WordPress site’s users from using breached passwords!

With Forbid Pwned Passwords, your site’s users will receive errors if they attempt to set their password to one found in a known breach, forcing them to choose a new one.
This can help to mitigate credential stuffing attacks against your site and its users.

This plugin makes use of Troy Hunt’s Have I Been Pwned? API. Using k-anonymity methods, only a partial SHA-1 hash of the password
is sent to the API in order to produce a list of hashes for local testing. This means no passwords are ever sent to third parties.

You can learn more about the Have I Been Pwned API here.

Screenshots

No screenshots provided


Reviews & Comments