.NET Standard library that provides client SDK functionality to talk to Troy Hunt's Pwnedpasswords API and check whether a particular password has been pwned and if so how many occurrences there have been.
ByteDev.PwnedPasswords has been written as a .NET Standard 2.0 library, so you can consume it from a .NET Core or .NET Framework 4.6.1 (or greater) application.
ByteDev.PwnedPasswords is hosted as a package on nuget.org. To install from the Package Manager Console in Visual Studio run:
Install-Package ByteDev.PwnedPasswords
Further details can be found on the nuget page.
Releases follow semantic versioning.
Full details of the release notes can be viewed on GitHub.
The PwnedPasswordsClient
class has two public methods:
- GetHasBeenPwnedAsync(string password)
- GetHasBeenPwnedAsync(string password, CancellationToken cancellationToken)
These methods will return a PwnedPasswordResponse
object containing details of whether the password has been pwned and a count of how many times.
If the PwnedPasswordsClient
class has any problems getting the details for a password it will throw an PwnedPasswordsClientException
.
IPwnedPasswordsClient client = new PwnedPasswordsClient(new HttpClient());
PwnedPasswordResponse response = await client.GetHasBeenPwnedAsync("Password1");
Console.WriteLine($"Has Password been pwned: {response.IsPwned}.");
Console.WriteLine($"Password has been pwned {response.Count} times.");
See the following for more general information:
See the following to changes to the API to only support partial hash (range) only searches: