You can find the source here https://community.nodebb.org/post/64258
Pwned Passwords service in nodebb
Duehok last edited by Duehok
There's this very nice service that can check if a password has already appeared in a database breach:
Are there any plugin that would integrate this in nodebb when users are registering or changing passwords?
NodeBB core has a setting to check a database of commonly used passwords. There's nothing for checking HIBP at the moment.
Duehok last edited by
Nice! So even if pwned password is not used yet at least the developpers are aware of the issue and doing the next best thing.
Since this topic was created such plugin was actually created by someone (Ben Lubar to be exact): https://github.com/BenLubar/nodebb-plugin-pwned-passwords
I'm posting it here mostly because I haven't seen it posted anywhere on this forum, so now it will be easier to find And also in case Duehok still wants it and didn't see that it exists.