pwned_passwords_v2 0.1.2 → 0.1.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +5 -3
- data/lib/pwned_passwords_v2/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3d17820ac7fbed243d6265415230f95d70e3cd31
|
4
|
+
data.tar.gz: c39fdce79ec4cb063ad28f551c73331732273402
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d99047cecee4914cd414bf45bd388893eaa51655e900dad20c2a58732e8fe81ef2c1f871eb0431af19cfc42788a03a183a4577f375b9d16473f4ebbc3662f776
|
7
|
+
data.tar.gz: ea19558b893bd6ef553f05d3a0e7e8c9dd114cfe8f847984abd6573d0ea52af2e04f93b2f788128dc1a9139de3768128a4a3dbaad23e0eb9a54c9157cdd105bb
|
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# PwnedPasswordsV2
|
2
2
|
|
3
|
-
This gem is a simple wrapper to Troy Hunt's https://api.pwnedpasswords.com
|
3
|
+
This gem is a simple wrapper to Troy Hunt's Have I Been Pwned API at https://api.pwnedpasswords.com, to check if a password has been found in a data breach.
|
4
4
|
|
5
5
|
See https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/ for more details.
|
6
6
|
|
@@ -8,9 +8,11 @@ See https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/ for mo
|
|
8
8
|
|
9
9
|
The code is kept deliberately simple so you can eyeball what is going on.
|
10
10
|
|
11
|
-
The passwords you use in this gem do not get sent externally. The password is
|
11
|
+
The passwords you use in this gem do not get sent externally. The password is SHA1 hashed, and then only the first 5 characters are sent externally. The API response is then checked locally to see if a matching SHA1 hash is present.
|
12
12
|
|
13
|
-
Troy Hunt's [blog post](https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2
|
13
|
+
Troy Hunt's [blog post](https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/#cloudflareprivacyandkanonymity) explains this process in more detail.
|
14
|
+
|
15
|
+
You can also read [Validating Leaked Passwords with k-Anonymity](https://blog.cloudflare.com/validating-leaked-passwords-with-k-anonymity/) for more information on how secure this is and why.
|
14
16
|
|
15
17
|
If you like this gem please donate to Troy's [donations page](https://haveibeenpwned.com/Donate)
|
16
18
|
|