Download the PHP package univ-rennes2/pwned-passwords without Composer

On this page you can find all versions of the php package univ-rennes2/pwned-passwords. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package pwned-passwords

PHP Pwned Passwords

Latest Stable Version REUSE compliant Minimum PHP Version Unit tests Coverage Status

A PHP library for the Pwned Passwords's API from Troy Hunt's Have I Been Pwned project.

The main feature compare to others is that you can configure your own API endpoint if don't want to use HIBP's API.

Table of Contents

What about security of the Pwned Password API ?

Testing real passwords on a remote API ? What about security and privacy ?

You don't send the password to the API, only the first 5 characters of the SHA1 password's hash are sent to the endpoint API. It's the implementation of a mathematical property called k-anonymity.

Not enough for you ? You can build your own API by using this Golang project :

This PHP Pwned Passwords lib permit you to change the API endpoint.

Read more about :

Install

Usage

Contribute

See CONTRIBUTING.md

License

This program is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License v3.0 or later as published by the Free Software Foundation.

The program in this repository meet the requirements to be REUSE compliant, meaning its license and copyright is expressed in such as way so that it can be read by both humans and computers alike.

For more information, see https://reuse.software/


All versions of pwned-passwords with dependencies

PHP Build Version
Package Version
Requires php Version *
ext-curl Version *
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package univ-rennes2/pwned-passwords contains the following files

Loading the files please wait ....