Blog Logo

Pwned Passwords - Check Your Password Against Data Breaches

This library provides a simple `HttpClient` instance that consumes Troy Hunts PwnedPasswords API v3 and checks a passwords integrity whether it has previously appeared in a data breach or not. The library also includes an ASP.NET Core Identity `IPasswordValidator` implementation, making it easy to integrate into your projects. To use the library in your .NET Core app, simply instantiate a `PwnedPasswordsClient` and call the `IsPasswordPwnedAsync` method. For ASP.NET Core Web app, add the password validator to ASP.NET Core Identity configuration using the `IdentityBuilder` extension method in `Startup.cs`. If you run into bugs, have feature suggestions or questions, please file a Github bug. Special thanks to Troy Hunt for creating PwnedPasswords API v3.