Authentication: Vulnerable Password

auth_vulnerablepassword
Maintained by Picture of Josh WillcockJosh Willcock
This Moodle plugin attempts to check HIBP's list of exposed passwords. Enabling your learners to be informed if their password has ever been involved in a data breach.
27 sites
7 downloads
3 fans
Current versions available: 1

Over the last few years Data Breaches have been in the news a lot. It is not surprising with such large platforms being targeted that many of our account details have made their way onto the dark web or end up pasted all over the internet. In an attempt to ensure our users accounts are safe, this plugin grabs the users password and without sending it to a third party checks if the password has been compromised. If the password has been compromised it will refer the user to a warning page on login, which they can then either change their password or continue to their original destination. This will occur every time the user logs in with the compromised password until they change it.


Screenshots

Screenshot #0
Screenshot #1

Contributors

Picture of Josh Willcock
Josh Willcock (Lead maintainer)
Please login to view contributors details and/or to contact them

Comments RSS

Show comments
  • Picture of Plugins bot
    Fri, Aug 3, 2018, 1:00 AM
    Approval issue created: CONTRIB-7411
  • Picture of Ted Long
    Sat, Apr 13, 2019, 2:14 PM
    Hi Josh. This is a really interesting plugin. We have some users using SSO and others manual authentication. Also various cohorts handled separately.

    Is it possible for us to turn this function on and off for the various cohorts? Is it possible there could be an automatic alert for when a new breach is found?
Please login to post comments