Description
| Q | A |
|---|---|
| Bug report? | no |
| Feature request? | yes |
| BC Break report? | yes |
| RFC? | yes |
I'm thinking of implementing password validation against https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange
Basically I expect to hash the password, do a ranged search (pass the first 5 chars of the hash), you get back all hashes that start with those 5 chars, and a count of how many times this password has been seen in compromised databases.
Is this something you'd accept as a PR to this bundle or should I implement it separately?