HIBP Password Check is a opensource MyBB plugin that allows you to check user's registration password input against HIBP (haveibeenpwned.com) database.
You do not need any kind of API key, as HIBP provides completely free password lookup service (at least for now).
Installation is simple, to install HIBP Password Check Plugin you need to:
- Copy the repository / Download the MyBB plugin under releases (or from official MyBB extend site), and extract it (as the file is in .zip format)
- Copy the contents of
pwnedplugin.css, and create a new Theme Stylesheet (not required if you do not want to show the HaveIBeenPwned tooltip) - Install and activate the MyBB plugin!
If you need help with installing HIBP Password Check Plugin, feel free to contact me anytime using any of the contact details listed on my GitHub profile.
- Add an option to only warn the user, instead of both warning them and blocking submission of a breached/vulnerable password.
-
Make the HaveIBeenPwned tooltip (logo) customizable. => logo icon, description
HIBP Password Check Plugin is released under the GNU GPL v3 license.
HIBP Password Check Plugin uses MyBB Opensource Forum Software.
HIBP Password Check Plugin uses HaveIBeenPwned for password lookups.