nstcactus / yii2-pwned-validator
A Yii2 password validator against the HIBP pwned passwords API
Installs: 5
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 0
Forks: 0
Open Issues: 0
Type:yii2-extension
Requires
- ext-mbstring: *
- yiisoft/yii2: ^2.0.0
This package is auto-updated.
Last update: 2024-10-24 18:01:38 UTC
README
A Yii2 password validator against the Pwned passwords database.
Pwned Passwords are more than half a billion real world passwords previously exposed in data breaches. This exposure makes them unsuitable for ongoing use as they're at much greater risk of being used to take over other accounts.
Requirements
- Yii framework 2
- PHP
mbstring
(multibyte string) extension (required)
Installation
The preferred way to install this extension is through Composer.
To install, either run
$ composer require nstcactus/yii2-pwned-validator
or add
"nstcactus/yii2-pwned-validator": "*"
to the require
section of your composer.json
file.
Usage
Model class example:
<?php namespace app\models; use nstCactus\yii2\validators\PwnedValidator; use Yii; use yii\base\Model; class YourCustomModel extends Model { public function rules() { return [ ['newPassword', PwnedValidator::class], ]; } public function attributeLabels() { return [ 'newPassword' => Yii::t('app', 'New password'), ]; } }
This validator will fail to validate passwords that have been exposed in known security breaches.
Like it?
Send some love to Troy Hunt, the author of Have I been pwned?.