Version 2 brings a number of new features and changes, including:
Range requests implementing a k-Anonymity model. This allows us to search for passwords without transmitting the full password (hash) to a third party. More on the implementation details here, including some caveats.
Addition of password usage counts from the data set. This allows us to introduce a config.min_password_matches configuration variable which allows us to only show errors for passwords that are used a certain number of times in the data set. By default, passwords are still rejected if there's a single match.
Removal of all rate limits, which greatly simplifies the code
Version 2 brings a number of new features and changes, including:
config.min_password_matchesconfiguration variable which allows us to only show errors for passwords that are used a certain number of times in the data set. By default, passwords are still rejected if there's a single match.