Pwned Passwords service in nodebb

Duehok

There's this very nice service that can check if a password has already appeared in a database breach:

Are there any plugin that would integrate this in nodebb when users are registering or changing passwords?

PitaJ

NodeBB core has a setting to check a database of commonly used passwords. There's nothing for checking HIBP at the moment.

Duehok

Nice! So even if pwned password is not used yet at least the developpers are aware of the issue and doing the next best thing.

oplik0

Since this topic was created such plugin was actually created by someone (Ben Lubar to be exact): https://github.com/BenLubar/nodebb-plugin-pwned-passwords

I'm posting it here mostly because I haven't seen it posted anywhere on this forum, so now it will be easier to find And also in case Duehok still wants it and didn't see that it exists.