search

systemli / userli

Web application to (self-) manage email users and encrypt their mailboxes.
https://systemli.github.io/userli/
GNU Affero General Public License v3.0
64 stars 13 forks source link

Add compromised password validator #161

Closed t2d closed 5 years ago

t2d commented 5 years ago

https://symfony.com/blog/new-in-symfony-4-3-compromised-password-validator

doobry-systemli commented 5 years ago

Thanks for implementing this, @t2d! We should be aware though, that this leaks metadata: With this change, Have I been Pwned is able to track when - and roughly how many - users register.