Release status: experimental
|Description||Checks passwords against the Pwned Passwords list.|
|Compatibility policy||release branches|
|License||No license specified|
|Translate the PwnedPasswords extension if it is available at translatewiki.net|
|Check usage and version matrix.|
Prevents the use of passwords which have been leaked in some past password breach, and thus protects against password reuse attacks.
The extension can be retrieved directly from Git [?]:
- Browse code
- Some extensions have tags for stable releases.
- Browse tags
- Select the tag
- Click "snapshot"
- Each branch is associated with a past MediaWiki release. There is also a "master" branch containing the latest alpha version (might require an alpha version of MediaWiki).
- Browse branches
- Select a branch name
- Click "Continue"
Extract the snapshot and place it in the extensions/PwnedPasswords/ directory of your MediaWiki installation.
If you are familiar with git and have shell access to your server, you can also obtain the extension as follows:
cd extensions/ git clone
- Download and place the file(s) in a directory called
- Add the following code at the bottom of your LocalSettings.php:
wfLoadExtension( 'PwnedPasswords' );
- Done – Navigate to Special:Version on your wiki to verify that the extension is successfully installed.
To users running MediaWiki 1.24 or earlier:
The instructions above describe the new way of installing this extension using
wfLoadExtension(). If you need to install this extension on these earlier versions (MediaWiki 1.24 and earlier), instead of
wfLoadExtension( 'PwnedPasswords' );, you need to use: