Releases: Firesphere/silverstripe-haveibeenpwnd
Releases · Firesphere/silverstripe-haveibeenpwnd
Enable Silverstripe 5 support
I'm 99% sure it just works, but to be sure, let's call it RC1
Update to API v3
fad70f8
This commit was signed with the committer’s verified signature.
Firesphere
Simon Erkelens
- Update to API v3 (Thanks @elliot-sawyer !)
Require Guzzle 6 or 7 bugfix
- Composer requirements update
Don't require Page
Page and Page Controller are not always available, thus the classes shouldn't be instantiated.
First final release
This is the first stable release for the HaveIBeenPwned module. This includes
- Check passwords against HIPB on login
- Check passwords before changing and block known breached passwords
- Give the user information about what happens
- Force register the Validator for passwords
- A bit of documentation
- A cow
- Dev mode won't trigger a pwned password (because we love devs)
- Disable the check temporarily if needed
- Informational message in the CMS
- Breach-count in the CMS if breaches are found
- Breaches that contain the user's email address, to help them make informative decisions
- Aggressive locking out
- It sounds bad, but it's for the better.
First actual release in to the wild
- Lock out the user when the password is found to be breached at login
- Disallow the password to be changed to a known to be breached password
- Allow a local configuration to disable checking from a local environment
- Allow to save the sites on which the user's email has been breached
The untested
This is the pre-release of the HaveIBeenPwnd module
- Test a password against the HaveIBeenPwnd database
- Add a list of places where the database knows your email address
- Block the password reset based on the settings in your yml