mirror of
https://github.com/wneessen/apg-go.git
synced 2024-11-10 00:02:54 +01:00
Winni Neessen
87f93ddbc6
Implemented HIBP password check feature which will crosscheck generated passwords with the HIBP pwned passwords database. This functionality enhances security by not recommending potentially compromised passwords. A new flag, CheckHIBP has been added to enable or disable this feature.
16 lines
451 B
Go
16 lines
451 B
Go
package apg
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/wneessen/go-hibp"
|
|
)
|
|
|
|
// HasBeenPwned checks the given password string against the HIBP pwned
|
|
// passwords database and returns true if the password has been leaked
|
|
func HasBeenPwned(password string) (bool, error) {
|
|
hc := hibp.New(hibp.WithHTTPTimeout(time.Second*2),
|
|
hibp.WithPwnedPadding())
|
|
matches, _, err := hc.PwnedPassAPI.CheckPassword(password)
|
|
return matches != nil && matches.Count != 0, err
|
|
}
|