Pwned Passwords service in nodebb
-
There's this very nice service that can check if a password has already appeared in a database breach:
Are there any plugin that would integrate this in nodebb when users are registering or changing passwords?
-
NodeBB core has a setting to check a database of commonly used passwords. There's nothing for checking HIBP at the moment.
-
Nice! So even if pwned password is not used yet at least the developpers are aware of the issue and doing the next best thing.
-
Since this topic was created such plugin was actually created by someone (Ben Lubar to be exact): https://github.com/BenLubar/nodebb-plugin-pwned-passwords
I'm posting it here mostly because I haven't seen it posted anywhere on this forum, so now it will be easier to find
And also in case Duehok still wants it and didn't see that it exists.
