Pwned Passwords V2
·
0 commits
to cc2bf2ee08e7c8c4a076a4e30028ac171f2ebe53
since this release
Thanks to @PatF for contributing this!
Pwned Passwords V2 brings some new features
- a larger dataset
- a prefix based api removing the need to send full passwords to an external service
- frequency for each password hash returned
- the removal of rate limiting! (previously a big limitation for a server side library like this)
More details here: https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/
This change is backwards compatible however there is one new optional config
# Minimum number of times a pwned password must exist in the data set in order
# to be reject.
config.min_password_matches = 10