Skip to content
πŸ”’ Password Exposed Helper Function - Check if a password has been exposed in a data breach.
Branch: master
Clone or download
DivineOmega Merge pull request #26 from DivineOmega/feature/implement-new-psr-18-…
…guzzle-adapter

Implement new PSR 18 Guzzle adapter
Latest commit 3f000ed Feb 20, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
assets/images
bundles
src
tests/Unit Reorder imports Feb 4, 2019
.coveralls.yml Initial commit Feb 1, 2018
.editorconfig
.gitignore more improvements Jan 28, 2019
.travis.yml
LICENSE Initial commit Feb 1, 2018
README.md
composer.json Implement new PSR 18 Guzzle adapter Feb 19, 2019
phpunit.xml styleci psr2 Feb 4, 2019
psalm.xml styleci psr2 Feb 4, 2019

README.md

πŸ”’ Password Exposed Helper Function

This PHP package provides a password_exposed helper function, that uses the haveibeenpwned.com API to check if a password has been exposed in a data breach.

Build Status StyleCI

Installation

The password_exposed package can be easily installed using Composer. Just run the following command from the root of your project.

composer require "divineomega/password_exposed"

If you have never used the Composer dependency manager before, head to the Composer website for more information on how to get started.

Usage

To check if a password has been exposed in a data breach, just pass it to the password_exposed method.

Here is a basic usage example:

switch(password_exposed('hunter2')) {

    case PasswordStatus::EXPOSED:
        // Password has been exposed in a data breach.
        break;

    case PasswordStatus::NOT_EXPOSED:
        // Password has not been exposed in a known data breach.
        break;

    case PasswordStatus::UNKNOWN:
        // Unable to check password due to an API error.
        break;
}

If you prefer to avoid using helper functions, the following syntax is also available.

$passwordStatus = (new PasswordExposedChecker())->passwordExposed($password);

SHA1 Hash

You can also supply the SHA1 hash instead of the plain text password, by using the following method.

$passwordStatus = (new PasswordExposedChecker())->passwordExposedByHash($hash);

or...

$passwordStatus = password_exposed_by_hash($hash);
You can’t perform that action at this time.