View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0003756 | Composr | core_cns | public | 2018-12-31 16:19 | 2018-12-31 16:19 |
| Reporter | Chris Graham | Assigned To | |||
| Severity | Feature-request | ||||
| Status | non-assigned | Resolution | open | ||
| Product Version | |||||
| Fixed in Version | |||||
| Summary | 0003756: Search HaveIBeenPwned database | ||||
| Description | Use the HaveIBeenPwned API to check is a password has been breached. https://haveibeenpwned.com/API/v2#PwnedPasswords We just send the first 5 characters of the sha1 hash of the new password, and get all suffixes that are pwned. We then see if any of these exactly match the sha1 hash of the new password. | ||||
| Tags | Type: Security | ||||
| Time estimation (hours) | 2 | ||||
| Sponsorship open | |||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2018-12-31 16:19 | Chris Graham | New Issue | |
| 2018-12-31 16:19 | Chris Graham | Tag Attached: Type: Security |
