Provide option to check for breached passwords
A lightweight and easy-to-use password manager
Brought to you by:
dreichl
Menu
▾
▴
#2366 Provide option to check for breached passwords
Please consider implementing client support to securely (and optionally) check user passwords for presence in the pwnedpasswords db/api.
https://haveibeenpwned.com/Passwords
There are numerous libraries for this already.
Have you tried the HaveIBeenPwned KeePass plugin?
No, but I'm unsure if that will work on my Ubuntu install easily. I'll check it out and update later tonight.
Thanks for the quick response!
We already have three plugins for this:
https://keepass.info/plugins.html#hibp
https://keepass.info/plugins.html#hibpoff
https://keepass.info/plugins.html#kphibp
Best regards,
Dominik
Thanks.
FYI, for anyone coming here looking for some help. I elected to install HaveIBeenPwned plugin from https://github.com/andrew-schofield/keepass2-haveibeenpwned
I had trouble getting the mono recommended dlls to work by default on my Ubuntu 16.04 install.
I had no idea where the mysterious undocumented plugins folder should be on linux (Ubuntu). I could find none. I took a guess and created it at '/usr/lib/keepass2/plugins', which worked for my 2.32 keepass version. You put the dll's in that folder.
But on first attempted use of the plugin it appeared to be hanging immediately after attempted use.
I heard that upgrading mono could fix it. I followed the directions for my OS version at https://www.mono-project.com/download/stable/#download-lin and that seemed to fix the issue.
I have been able to use the plugin fine now.
Last edit: Scott 2018-06-13
Thanks for the info.
cheers, Paul
As I feared would happen, all of these plugins are no longer being updated and are not compatible with the current version of Keepass.
I'm using Ubuntu and have placed the plgx files i nthe plugins folder and each one says it is incompatible with Keepass 2.40
I'd like to have some consideration to re-open this FR.
Last edit: Scott 2019-01-18
I doubt this will be implemented natively in KeePass since the KeePass password generator can produce passwords that have an infintesimal probability of being in any list.
It is likley that any incompatibility that the current plugins have with KeePass on linux is a mono issue since the plugins work with KeePass 2.41 on Windows.
To compile the plgx you need the mono compiler. The easiest way is to install mono complete.
cheers, Paul
No need, the dll still works. But yeah the plgx format is incompatible. Not sure how that is usable for typical users.