Product
Introducing SSO
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
@philnash/pwned
Advanced tools
Readme
An easy, promise based, way to test passwords securely against the Pwned Passwords API v2 in Node.js.
Troy Hunt's Pwned Passwords API V2 allows you to check if a password has been found in any of the huge data breaches.
@philnash/pwned
is a JavaScript library to use the Pwned Passwords API's k-Anonymity model to test a password against the API without sending the entire password to the service.
The data from this API is provided by Have I been pwned?. Before using the API, please check the acceptable uses and license of the API.
npm install @philnash/pwned
const pwned = require('@philnash/pwned').default;
pwned('password').then(password => {
if (password.pwned) {
console.log(`Your password has been pwned ${password.pwnedCount} times`);
} else {
console.log('Your password is safe, for now');
}
});
import pwned from '@philnash/pwned';
const testPassword = async attempt => {
const password = await pwned(attempt);
if (password.pwned) {
console.log(`Your password has been pwned ${password.pwnedCount} times`);
} else {
console.log('Your password is safe, for now');
}
};
testPassword('password');
Bug reports and pull requests are welcome on GitHub at https://github.com/philnash/pwned.js. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.
This package is available as open source under the terms of the MIT License.
Everyone interacting in the Pwned project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.
FAQs
An easy, promise based, way to test passwords securely against the Pwned Passwords API v2 in Node.js.
The npm package @philnash/pwned receives a total of 2 weekly downloads. As such, @philnash/pwned popularity was classified as not popular.
We found that @philnash/pwned demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.