pwned-passwords-django

A Pwned Passwords implementation for Django sites.

These details have not been verified by PyPI

Project links

Project description

pwned-passwords-django provides helpers for working with the Pwned Passwords database from Have I Been Pwned in Django powered sites. Pwned Passwords is an extremely large database of passwords known to have been compromised through data breaches, and is useful as a tool for rejecting common or weak passwords.

There are three main components to this application:

A password validator which integrates with Django’s password-validation tools and checks the Pwned Passwords database.
A Django middleware (supporting both sync and async requests) which automatically checks certain request payloads against the Pwned Passwords database.
An API client providing direct access (both sync and async) to the Pwned Passwords database.

All three use a secure, anonymized API which never transmits any password or its full hash to any third party.

Usage

The recommended configuration is to enable both the validator and the automatic password-checking middleware. To do this, make the following changes to your Django settings.

First, add the validator to your AUTH_PASSWORD_VALIDATORS list:

AUTH_PASSWORD_VALIDATORS = [
    # ... other password validators ...
    {
        "NAME": "pwned_passwords_django.validators.PwnedPasswordsValidator",
    },
]

Then, add the middleware to your MIDDLEWARE list:

MIDDLEWARE = [
    # .. other middlewares ...
    "pwned_passwords_django.middleware.pwned_passwords_middleware",
]

For more details, consult the full documentation.

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

This version

5.2.0

Apr 6, 2025

5.1.3

Mar 23, 2025

5.1.2

Mar 9, 2025

5.1.1

Nov 8, 2024

5.1.0

Aug 12, 2024

5.0.0

May 27, 2024

2.1

Feb 27, 2024

2.0

Mar 27, 2023

1.6.1

Dec 26, 2022

1.6

May 20, 2022

1.5

Jun 22, 2021

1.4.1

Sep 21, 2020

1.4

Jan 29, 2020

1.3.2

May 8, 2019

1.3.1

Sep 18, 2018

1.3

Sep 18, 2018

1.2.1

Jun 18, 2018

1.2

Jun 18, 2018

1.1

Mar 6, 2018

1.0

Mar 6, 2018

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pwned_passwords_django-5.2.0.tar.gz (43.1 kB view details)

Uploaded Apr 6, 2025 Source

Built Distribution

pwned_passwords_django-5.2.0-py3-none-any.whl (11.7 kB view details)

Uploaded Apr 6, 2025 Python 3

File details

Details for the file pwned_passwords_django-5.2.0.tar.gz.

File metadata

Download URL: pwned_passwords_django-5.2.0.tar.gz
Upload date: Apr 6, 2025
Size: 43.1 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/6.0.0 CPython/3.13.0

File hashes

Hashes for pwned_passwords_django-5.2.0.tar.gz
Algorithm	Hash digest
SHA256	`dfa7c4fc8879396b8304759260c5fb8b6055c07ed9241010e5bc319f195d5197`
MD5	`b2d3aac4fa7ef8e514f0a652c5f27c3a`
BLAKE2b-256	`aef5242f5ceb391832d284c815135f99872ad2f109aaa8b398bcf9cbe3665bd6`

See more details on using hashes here.

File details

Details for the file pwned_passwords_django-5.2.0-py3-none-any.whl.

File metadata

Download URL: pwned_passwords_django-5.2.0-py3-none-any.whl
Upload date: Apr 6, 2025
Size: 11.7 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/6.0.0 CPython/3.13.0

File hashes

Hashes for pwned_passwords_django-5.2.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`a8666fb427479796ee9940e92df834a188ca7246905e4b9dc7be6248415ff5df`
MD5	`4117463f033da2b5250755e447b87116`
BLAKE2b-256	`0d9bdbbeb3e72501190584847e5d6b119b5e4f1e15b11a804c4e2ccbca438f2f`