The Have I Been Pwned connector offered by Descope is an invaluable tool to enhance password security. By cross-referencing passwords with an extensive database of data breaches, this connector ensures that users avoid passwords previously compromised. Dive into this guide to set up and incorporate the Have I Been Pwned connector within your flows.
For a seamless integration of the connector, follow these steps:
- Head over to your Descope dashboard.
- Path: Dashboard -> Connectors.
- Opt for “Have I Been Pwned”.
Complete the necessary fields:
- Connector name: Assign a custom name for the connector. This distinction is beneficial when you've multiple connectors based on the same template.
- (Optional) Connector description: Provide a brief outline of your connector's functionality.
To use the connector, include the 'Breached Password Check' action subsequent to any user interface where a password input is required. Then you can conditionally render different actions based on success, error with HIBP API Check, No Password provided, or password used has appeared in a breach.
Incorporating the Have I Been Pwned connector is a proactive step towards better password security. As users navigate through the flow, they receive immediate feedback about the strength and security of their chosen passwords, promoting better password practices.