PHPackages                             jukkarau/wp-pwnd-passwords - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. jukkarau/wp-pwnd-passwords

ActiveWordpress-plugin[Security](/categories/security)

jukkarau/wp-pwnd-passwords
==========================

Check passwords against known pwnd passwords

26PHP

Since Mar 8Pushed 8y ago1 watchersCompare

[ Source](https://github.com/jukra/wp-pwnd-passwords)[ Packagist](https://packagist.org/packages/jukkarau/wp-pwnd-passwords)[ RSS](/packages/jukkarau-wp-pwnd-passwords/feed)WikiDiscussions master Synced 2w ago

READMEChangelogDependenciesVersions (1)Used By (0)

WP Pwnd Passwords
=================

[](#wp-pwnd-passwords)

Check WordPress user passwords against passwords previously appeared in data breaches.

Features
--------

[](#features)

- Uses [Pwnd Passwords API](https://haveibeenpwned.com/Passwords) range search to check the passwords
- Validates passwords on WordPress password reset form
- Validates passwords on WordPress user edit page

Why?
----

[](#why)

Even though WordPress offers password strength meter, many users might skip it and use their own passwords. This plugin at least prevents users from using passwords that are already appeared in some data breach. Bots bruteforcing WordPress logins use password lists that contain these passwords, so this plugin helps with users security.

Screenshots
-----------

[](#screenshots)

### Using bad password result

[](#using-bad-password-result)

[![Pwnd password](/assets/screenshot-1.png)](/assets/screenshot-1.png)

###  Health Score

20

—

LowBetter than 13% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity7

Limited adoption so far

Community4

Small or concentrated contributor base

Maturity41

Maturing project, gaining track record

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/8558140?v=4)[Jukka Rautanen](/maintainers/jukra)[@jukra](https://github.com/jukra)

### Embed Badge

![Health badge](/badges/jukkarau-wp-pwnd-passwords/health.svg)

```
[![Health](https://phpackages.com/badges/jukkarau-wp-pwnd-passwords/health.svg)](https://phpackages.com/packages/jukkarau-wp-pwnd-passwords)
```

###  Alternatives

[mews/purifier

Laravel 5/6/7/8/9/10 HtmlPurifier Package

2.0k18.0M138](/packages/mews-purifier)[paragonie/ecc

PHP Elliptic Curve Cryptography library

24772.0k36](/packages/paragonie-ecc)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
