originaluko / haveibeenpwned

Identify pwned accounts and passwords via the "Have I been pwned?" (https://haveibeenpwned.com) API.
MIT License

Broken since HIBP's release of API v3 #7

Closed wdomon closed 5 years ago

wdomon commented 5 years ago

HIBP appears to have deprecated API v2 and this still uses that. Simply updating the URI in the get-pwnedaccount.ps1 file from v2 to v3 results in a failure about a missing API key. Script is functionless until this is fixed.

https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/

originaluko commented 5 years ago

Yes, an API key is now required. The module has been updated to accept and pass an API key back to the HIBP APIs. You will need to specify a key you want to pass back to the API service as stated in the readme.

You, as the consumer, will need to obtain and pay for that key yourself. I won't be paying for API keys for users to use this module. Just like Troy is not giving out free keys to his API users. But mainly it's not really practical for a public script like this to share API keys.

With that said I will be relying on the community to obtain their own keys and help test and provide feedback on how to improve the module with the v3 API. Now that Troy is charging for API usage I expect demand however to drop.

Wyc2019 commented 5 years ago

Thanks for the module. It was very helpful in scanning a list of email addresses. When I tried the module the -apikey switch wasn't recognised. Hard coding the key worked as a temporary fix. This problem may be related to the problem mentioned below of the script using version 2 of the API.

The CSV section needs "Start-Sleep -Seconds 2" to be added after try because HIBP limits the number of tries to 1 every 1500 milliseconds. I got locked out because the query rate was too fast.

I also ran into a problem with get-pwnedaccount trying to use version 2 of the API. It seemed to be listed in PSGallery even when I hadn't installed it. The version was 1.4.2. Trying to update with my changes wasn't recognised. I got it to run using the ISE in debug mode.

I'm a PowerShell novice so apologies for any misunderstandings.

originaluko commented 5 years ago

Thanks @Wyc2019

I am in the process of finalising the next version of this PowerShell module. It will be published soon and will be fully compatible with the v3 HIBP API. The current version on the PowerShellGallery, as of today, is not fully compatible with the v3 API. You can, however, use the latest version here on Git which should work fine (just not fully tested).

In regards to the CSV import, I need to get clarification from Troy on the current rate limits. It was off, then on, then off, and now appears back on again. If there is indeed a rate limit I will add a rate limit parameter.

thanks

originaluko commented 5 years ago

Closing this issue since it was in reference to an old version and we now have a version 3 API supported module, tested and working. Thanks
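
The two points raised in this thread (the v3 API key requirement and the roughly 1500 ms rate limit on account lookups), sketched as an added example that is not code from this module or from the thread. The function name `Get-HibpBreachBatch`, its parameters, the `HIBP_API_KEY` environment variable and the sample addresses are hypothetical; the key is read from the environment instead of being hard-coded into the script.

```powershell
# Added example, not the module's own code. All names below are hypothetical.
function Get-HibpBreachBatch {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string[]] $Email,
        [Parameter(Mandatory)] [string]   $ApiKey,
        [int] $DelayMs    = 1600,   # just above the 1500 ms limit quoted in the thread
        [int] $MaxRetries = 3
    )
    # v3 authenticates each request with the hibp-api-key header.
    $headers = @{ 'hibp-api-key' = $ApiKey }
    foreach ($address in $Email) {
        $account  = [uri]::EscapeDataString($address.Trim())
        $uri      = "https://haveibeenpwned.com/api/v3/breachedaccount/$account"
        $status   = 'Error'
        $breaches = @()
        for ($attempt = 1; $attempt -le $MaxRetries; $attempt++) {
            try {
                $breaches = @(Invoke-RestMethod -Uri $uri -Headers $headers `
                        -UserAgent 'hibp-batch-example' -ErrorAction Stop)
                $status = 'Pwned'
                break
            }
            catch {
                $code = 0
                if ($_.Exception.Response) { $code = [int]$_.Exception.Response.StatusCode }
                if ($code -eq 404) { $status = 'NotFound'; break }   # no breach recorded
                if ($code -eq 401) { throw 'HIBP rejected the API key (HTTP 401).' }
                if ($code -eq 429) {
                    # Rate limited: back off progressively, then retry the same address.
                    $status = 'RateLimited'
                    Start-Sleep -Milliseconds ($DelayMs * 2 * $attempt)
                    continue
                }
                $status = "Error $code"
                break
            }
        }
        [pscustomobject]@{
            Email    = $address
            Status   = $status
            Breaches = ($breaches.Name -join ';')
        }
        Start-Sleep -Milliseconds $DelayMs   # pace every request, successful or not
    }
}

# Constructed sample addresses; for a CSV, pass (Import-Csv .\emails.csv).Email instead.
if ($env:HIBP_API_KEY) {
    Get-HibpBreachBatch -Email 'alice@example.com', 'bob@example.com' -ApiKey $env:HIBP_API_KEY
}
```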