A Pwned Passwords implementation for Django sites.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for ubernostrum from gravatar.com ubernostrum

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: BSD License (BSD-3-Clause)
  • Author: James Bennett
  • Tags django , security , passwords , auth , authentication
  • Requires: Python >=3.9
Classifiers
Report project as malware

Project description

CI status image

pwned-passwords-django provides helpers for working with the Pwned Passwords database from Have I Been Pwned in Django powered sites. Pwned Passwords is an extremely large database of passwords known to have been compromised through data breaches, and is useful as a tool for rejecting common or weak passwords.

There are three main components to this application:

All three use a secure, anonymized API which never transmits any password or its full hash to any third party.

Usage

The recommended configuration is to enable both the validator and the automatic password-checking middleware. To do this, make the following changes to your Django settings.

First, add the validator to your AUTH_PASSWORD_VALIDATORS list:

AUTH_PASSWORD_VALIDATORS = [
    # ... other password validators ...
    {
        "NAME": "pwned_passwords_django.validators.PwnedPasswordsValidator",
    },
]

Then, add the middleware to your MIDDLEWARE list:

MIDDLEWARE = [
    # .. other middlewares ...
    "pwned_passwords_django.middleware.pwned_passwords_middleware",
]

For more details, consult the full documentation.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for ubernostrum from gravatar.com ubernostrum

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: BSD License (BSD-3-Clause)
  • Author: James Bennett
  • Tags django , security , passwords , auth , authentication
  • Requires: Python >=3.9
Classifiers

Release history Release notifications | RSS feed

This version

5.2.0

5.1.3

5.1.2

5.1.1

5.1.0

5.0.0

2.1

2.0

1.6.1

1.6

1.5

1.4.1

1.4

1.3.2

1.3.1

1.3

1.2.1

1.2

1.1

1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pwned_passwords_django-5.2.0.tar.gz (43.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

pwned_passwords_django-5.2.0-py3-none-any.whl (11.7 kB view details)

Uploaded Python 3

File details

Details for the file pwned_passwords_django-5.2.0.tar.gz.

File metadata

  • Download URL: pwned_passwords_django-5.2.0.tar.gz
  • Upload date:
  • Size: 43.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.0.0 CPython/3.13.0

File hashes

Hashes for pwned_passwords_django-5.2.0.tar.gz
Algorithm Hash digest
SHA256 dfa7c4fc8879396b8304759260c5fb8b6055c07ed9241010e5bc319f195d5197
MD5 b2d3aac4fa7ef8e514f0a652c5f27c3a
BLAKE2b-256 aef5242f5ceb391832d284c815135f99872ad2f109aaa8b398bcf9cbe3665bd6

See more details on using hashes here.

File details

Details for the file pwned_passwords_django-5.2.0-py3-none-any.whl.

File metadata

File hashes

Hashes for pwned_passwords_django-5.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 a8666fb427479796ee9940e92df834a188ca7246905e4b9dc7be6248415ff5df
MD5 4117463f033da2b5250755e447b87116
BLAKE2b-256 0d9bdbbeb3e72501190584847e5d6b119b5e4f1e15b11a804c4e2ccbca438f2f

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page