⚠️ Under no circunstances send real username or password that you use for services. You can use a known leaked password123456789
and usernameadmin
.
Our service is designed to strengthen password security by preventing the usage of leaked and weak passwords. It ensures that users choose passwords that are not only robust but also have not been compromised in data breaches.
This service provides an endpoint to validate passwords against a database of known leaked passwords and enforce strength requirements.
To use the service, make a POST request with a JSON payload containing the username and password:
curl -X POST https://faas-nyc1-2ef2e6cc.doserverless.co/api/v1/web/fn-ba8e141c-152f-46c2-9f1c-41dc67d7d55f/brokenmirror/brokenmirror \
-H "Content-Type: application/json" \
-d '{
"username": "my-username",
"password": "123456789!!%%ArAGoRn"
}'
{
"hash": "4ea78f2aa045b6c5a9d858705f15db54293f4ac54c2264173eaf92a2fd1936ee"
}
Expected response in case of error:
curl -X POST https://faas-nyc1-2ef2e6cc.doserverless.co/api/v1/web/fn-ba8e141c-152f-46c2-9f1c-41dc67d7d55f/brokenmirror/brokenmirror \
-H "Content-Type: application/json" \
-d '{
"username": "my-username",
"password": "123456789"
}'
{
"error": "password is leaked"
}
Here are the error messages in the provided code:
- "username or password not provided or invalid"
- "password must be at least 8 characters long"
- "password must be at most 64 characters long"
- "password must be at most 72 bytes long"
- "username or password contains invalid characters"
- "unable to make request to pwnedpasswords"
- "unable to read response from pwnedpasswords"
- "password is leaked"
Any other error message can be considered a bug.
- The endpoint is secure and does not pose inherent risks by its design.
- There is not an admin panel for this solution.
- Our deployment scales horizontally in a serverless environment, providing robustness against DDoS attacks targeting the request endpoint.
- Minor spelling/grammatic errors are not bugs unless they prevent the usage of the platform.
- Timeout: 8000ms
- Memory: 256mb
Payed using Bitcoin Lightning Network:
- Issues: 5.000 SATS (R$ 10) per issue.
- Bugs: 50.000 SATS (R$ 100) per bug.
- Critical bugs: 100.000 (R$ 200) per critical bug.