Skip to content

πŸ”’ Password Exposed Helper Function - Check if a password has been exposed in a data breach.

License

Notifications You must be signed in to change notification settings

DivineOmega/password_exposed

Folders and files

NameName
Last commit message
Last commit date

Latest commit

327f93e Β· Apr 20, 2021
Mar 2, 2018
Apr 2, 2018
Apr 20, 2021
Mar 19, 2020
Feb 1, 2018
Feb 4, 2019
Jan 28, 2019
Apr 20, 2021
Feb 1, 2018
Jan 25, 2019
Apr 20, 2021
Feb 4, 2019
Feb 4, 2019

Repository files navigation

πŸ”’ Password Exposed Helper Function

This PHP package provides a password_exposed helper function, that uses the haveibeenpwned.com API to check if a password has been exposed in a data breach.

Build Status StyleCI

Installation

The password_exposed package can be easily installed using Composer. Just run the following command from the root of your project.

composer require "divineomega/password_exposed"

If you have never used the Composer dependency manager before, head to the Composer website for more information on how to get started.

Usage

To check if a password has been exposed in a data breach, just pass it to the password_exposed method.

Here is a basic usage example:

switch(password_exposed('hunter2')) {

    case PasswordStatus::EXPOSED:
        // Password has been exposed in a data breach.
        break;

    case PasswordStatus::NOT_EXPOSED:
        // Password has not been exposed in a known data breach.
        break;

    case PasswordStatus::UNKNOWN:
        // Unable to check password due to an API error.
        break;
}

If you prefer to avoid using helper functions, the following syntax is also available.

$passwordStatus = (new PasswordExposedChecker())->passwordExposed($password);

SHA1 Hash

You can also supply the SHA1 hash instead of the plain text password, by using the following method.

$passwordStatus = (new PasswordExposedChecker())->passwordExposedByHash($hash);

or...

$passwordStatus = password_exposed_by_hash($hash);