[feature request] Provide option to check for breached passwords

[user23498723452]

Please consider implementing client support to securely (and optionally) check user passwords for presence in the pwnedpasswords db/api.

https://haveibeenpwned.com/Passwords

There are numerous libraries for this already.

[927589452]

There is a new API https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/ which can be queried very easy like in this script https://github.com/jamesridgway/pwnedpasswords.sh.git or could this be implemented as a password

[927589452]

maybe @PhilippC could add which scope he thinks would suit the project better as a core function or as a plugin?

[PhilippC]

I don't have so much time to add new features at the moment, so I personally cannot promise anything regarding this. The KP2A plugin architecture currently does not allow to get a list of all passwords, so the only option is to implement this as a feature in the main app (I would include a pull request if it's well done) or by going through the passwords of an exported unencrypted copy (xml) of the database.