devise-pwned_password
devise-pwned_password copied to clipboard
michaelbanfield
Devise extension that checks user passwords against the PwnedPasswords dataset
The pwned api documentation wants a more specific user agent. > Each request to the API must be accompanied by a user agent request header. Typically this should be the...
Resolves #30 (Also resolves/supersedes #27) Currently based on #29 but could be rebased. - [x] Add tests - [x] Update docs
The `pwned` gem dependency is not being updated to `2.1.0` because the requirement is set to `~>2.0.0` instead of `~>2.0`
Hello, first of all thank you for you for this awesome gem! Let's suppose an old User was stored before devise-security gem was added to application Gemfile. An existing User...
I've just finished adding this gem into a project I am working on and mostly it's working great. However, I noticed that whenever I signed in, I would get validation...
The `min_password_matches` option seems misnamed to me. Model validations are usually worded in a way that describes what is required for the user to be _valid_: - Look at the...
Consider using the unpwn gem to check passwords locally https://github.com/indirect/unpwn > Unpwn checks passwords locally against the top one million passwords, as provided by the nbp project. Then, it uses...
#16 added this to docs: > By default the value set above is used to reject passwords and warn users. > Optionally, you can add the following snippet to `config/initializers/devise.rb`...
Metadata
Owner
Metadata
Devise extension that checks user passwords against the PwnedPasswords dataset