ByteDev.PwnedPasswords 2.0.0

There is a newer version of this package available.
See the version list below for details.

dotnet add package ByteDev.PwnedPasswords --version 2.0.0

NuGet\Install-Package ByteDev.PwnedPasswords -Version 2.0.0

This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.

<PackageReference Include="ByteDev.PwnedPasswords" Version="2.0.0" />

For projects that support PackageReference, copy this XML node into the project file to reference the package.

paket add ByteDev.PwnedPasswords --version 2.0.0

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

#r "nuget: ByteDev.PwnedPasswords, 2.0.0"

#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.

// Install ByteDev.PwnedPasswords as a Cake Addin
#addin nuget:?package=ByteDev.PwnedPasswords&version=2.0.0

// Install ByteDev.PwnedPasswords as a Cake Tool
#tool nuget:?package=ByteDev.PwnedPasswords&version=2.0.0

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

ByteDev.PwnedPasswords

Provides client functionality to talk to Troy Hunt's Pwnedpasswords API and check whether a particular password has been pwned and if so how many occurrences there have been.

Installation

ByteDev.PwnedPasswords has been written as a .NET Standard 2.0 library, so you can consume it from a .NET Core or .NET Framework 4.6.1 (or greater) application.

ByteDev.PwnedPasswords is hosted as a package on nuget.org. To install from the Package Manager Console in Visual Studio run:

Install-Package ByteDev.PwnedPasswords

Further details can be found on the nuget page.

Code

The repo can be cloned from git bash:

git clone https://github.com/ByteDev/ByteDev.PwnedPasswords

Unit tests and integration tests are also provided in the solution.

Usage

The PwnedPasswordsClient class has two public methods:

GetHasBeenPwnedAsync(string password)
GetHasBeenPwnedAsync(string password, CancellationToken cancellationToken)

This methods will return a PwnedPasswordResponse object containing details of whether the password has been pwned and a count of how many times.

If the PwnedPasswordsClient class has any problems getting the details for a password it will throw an PwnedPasswordsClientException.

Example

var client = new PwnedPasswordsClient(new HttpClient());

var result = await client.GetHasBeenPwnedAsync("Password1");

Console.WriteLine($"Has Password been pwned: {result.IsPwned}");
Console.WriteLine($"Password has been pwned {result.Count} times.");

Version 2.0 changes

A number of breaking changes were made from version 1.1. to 2.0:

PwnedPasswordsClient now takes a simple string for the password (as the API only takes a hash of the password theres no need for the consumer to supply a HashedPassword object)
IPwnedPasswordsClient interface now provided
PwnedPasswordsClient needs to be provided with an implementation of HttpClient on construction
PwnedPasswordsClient.GetHasBeenPwnedAsync method now takes optional CancellationToken

Further information

See the following for more general information:

See the following to changes to the API to only support partial hash (range) only searches:

Enhancing Pwned Passwords Privacy by Exclusively Supporting Anonymity

Product	Compatible and additional computed target framework versions.
.NET	net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed.
.NET Core	netcoreapp2.0 was computed. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 was computed. netcoreapp3.1 was computed.
.NET Standard	netstandard2.0 is compatible. netstandard2.1 was computed.
.NET Framework	net461 was computed. net462 was computed. net463 was computed. net47 was computed. net471 was computed. net472 was computed. net48 was computed. net481 was computed.
MonoAndroid	monoandroid was computed.
MonoMac	monomac was computed.
MonoTouch	monotouch was computed.
Tizen	tizen40 was computed. tizen60 was computed.
Xamarin.iOS	xamarinios was computed.
Xamarin.Mac	xamarinmac was computed.
Xamarin.TVOS	xamarintvos was computed.
Xamarin.WatchOS	xamarinwatchos was computed.

Compatible target framework(s)

Included target framework(s) (in package)

Learn more about Target Frameworks and .NET Standard.

This package has no dependencies.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories (1)

Showing the top 1 popular GitHub repositories that depend on ByteDev.PwnedPasswords:

Repository	Stars
johnstaveley/SecurityEssentials Raise your baseline in security by using this as your template instead of default Mvc project. Keep your app secure by continuously applying Security rules	138

Version	Downloads	Last updated
2.0.3	9,825	7/24/2020
2.0.2	464	7/2/2020
2.0.1	784	12/2/2019
2.0.0	629	6/30/2019
1.1.0	1,109	4/30/2018
1.0.1	1,018	4/9/2018