https://schaal-it.com/wp-content/uploads/2017/08/ball-457334_1920.jpg 1080 1920 admin https://schaal-it.com/wp-content/uploads/2017/07/schaal_it_logo2_2_-_800px-300x50.png admin2021-11-23 00:00:582021-11-22 13:35:25Password check with haveibeenpwned
Password check with haveibeenpwned
The website haveibeenpwned.com provides, among other things, a list of passwords that have appeared in data leaks.
haveibeenpwned is secure
For verification, the complete password is never sent, but only a small partial hash value.
The pwned passwords function used searches the database of previous data leaks for the presence of a user-supplied password. The password is hashed using the SHA-1 algorithm and only the first 5 characters of the hash are sent.
Integration with ISPConfig
In the Main Config section you can set the maximum number of entries a password may have when querying the haveibeenpwned database in the “Misc” tab.
If a password is entered that is in the database more times than you have allowed, a hint is displayed and the password cannot be used.