A Pwned Passwords implementation for Django sites.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for ubernostrum from gravatar.com ubernostrum

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: BSD License (BSD-3-Clause)
  • Author: James Bennett
  • Tags django , security , passwords , auth , authentication
  • Requires: Python >=3.8
  • Provides-Extra: docs , tests
Classifiers
Report project as malware

Project description

CI status image

pwned-passwords-django provides helpers for working with the Pwned Passwords database from Have I Been Pwned in Django powered sites. Pwned Passwords is an extremely large database of passwords known to have been compromised through data breaches, and is useful as a tool for rejecting common or weak passwords.

There are three main components to this application:

All three use a secure, anonymized API which never transmits any password or its full hash to any third party.

Usage

The recommended configuration is to enable both the validator and the automatic password-checking middleware. To do this, make the following changes to your Django settings.

First, add the validator to your AUTH_PASSWORD_VALIDATORS list:

AUTH_PASSWORD_VALIDATORS = [
    # ... other password validators ...
    {
        "NAME": "pwned_passwords_django.validators.PwnedPasswordsValidator",
    },
]

Then, add the middleware to your MIDDLEWARE list:

MIDDLEWARE = [
    # .. other middlewares ...
    "pwned_passwords_django.middleware.pwned_passwords_middleware",
]

For more details, consult the full documentation.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for ubernostrum from gravatar.com ubernostrum

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: BSD License (BSD-3-Clause)
  • Author: James Bennett
  • Tags django , security , passwords , auth , authentication
  • Requires: Python >=3.8
  • Provides-Extra: docs , tests
Classifiers

Release history Release notifications | RSS feed

5.2.0

5.1.3

5.1.2

5.1.1

This version

5.1.0

5.0.0

2.1

2.0

1.6.1

1.6

1.5

1.4.1

1.4

1.3.2

1.3.1

1.3

1.2.1

1.2

1.1

1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pwned_passwords_django-5.1.0.tar.gz (37.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

pwned_passwords_django-5.1.0-py3-none-any.whl (12.3 kB view details)

Uploaded Python 3

File details

Details for the file pwned_passwords_django-5.1.0.tar.gz.

File metadata

  • Download URL: pwned_passwords_django-5.1.0.tar.gz
  • Upload date:
  • Size: 37.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.0

File hashes

Hashes for pwned_passwords_django-5.1.0.tar.gz
Algorithm Hash digest
SHA256 6182f79f796b43eb66c4f5484c5839898a0376e235021327e214ee38a2d171ef
MD5 4bcaaa07a9ff0600003872f10afa4370
BLAKE2b-256 828fe16c467d37d9089f76926ec02a1c40046a382dec1f298078e21261bfa3f1

See more details on using hashes here.

File details

Details for the file pwned_passwords_django-5.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for pwned_passwords_django-5.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 425cc00768216048bc2b52ae5af965f68c00e3ba5430e9a91c0a1db14e9f9b3e
MD5 d360b1f22b15fb011ad3e1c18ec2e7e5
BLAKE2b-256 be1b35bdfd5432589128407f069f40d0aa4288740151e91e76fa76d3827bbffe

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page