The Have I Been Pwned connector offered by Descope is an invaluable tool to enhance password security. By cross-referencing passwords with an extensive database of data breaches, this connector ensures that users avoid passwords previously compromised. Dive into this guide to set up and incorporate the Have I Been Pwned connector within your flows.

Setting Up The Have I Been Pwned Connector

For a seamless integration of the connector, follow these steps:

1. Navigate to Connector

  • Head over to your Descope dashboard.
  • Path: Dashboard -> Connectors.
  • Opt for “Have I Been Pwned”.

2. Connector Configuration

Have I Been Pwned connector configuration

Complete the necessary fields:

  • Connector name: Assign a custom name for the connector. This distinction is beneficial when you've multiple connectors based on the same template.
  • (Optional) Connector description: Provide a brief outline of your connector's functionality.

3. Usage

To use the connector, include the 'Breached Password Check' action subsequent to any user interface where a password input is required. Then you can conditionally render different actions based on success, error with HIBP API Check, No Password provided, or password used has appeared in a breach.

Have I Been Pwned connector configuration

Enhancing Password Security in Your Flow

Incorporating the Have I Been Pwned connector is a proactive step towards better password security. As users navigate through the flow, they receive immediate feedback about the strength and security of their chosen passwords, promoting better password practices.