HaveIBeenPwned check

The insic module HaveIBeenPwned checks passwords in real time . It uses the free service from haveibeenpwned.com. This service checks passwords for possible compromises from previous data breaches .

Hackers repeatedly steal access data through hacker attacks and data leaks from internet accounts. Are your users affected? “Have I Been Pwned” reveals the answer!

The Pwned database consists of hundreds of millions of real data records that were used in connection with data theft cases that were later uncovered. Due to this exposure, the passwords in particular are unsuitable for further use, as there is a significantly increased risk that they will be used to take over other accounts. These compromised files are searchable online and can be downloaded for use in the insic system.

The service does not store the actual passwords, but calculates a so-called hash of the password using a cryptographic method (SHA-1).

In the best case, the system returns the message “Not found” .

The integration into the insic platform is done using the insic widget via its function as a registration page.

Use this module to increase the protection of your customers’ registration data! Build trust even with small features that directly engage with your users – all this at the time of data entry!