PHPackages nickurt/laravel-pwned-passwords - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. nickurt/laravel-pwned-passwords ActiveLibrary[Security](/categories/security) nickurt/laravel-pwned-passwords =============================== PwnedPasswords for Laravel 11.x/12.x/13.x 2.1(2mo ago)187.5k↓75%3MITPHPPHP ^8.2CI passing Since Feb 27Pushed 2mo ago2 watchersCompare [ Source](https://github.com/nickurt/laravel-pwned-passwords)[ Packagist](https://packagist.org/packages/nickurt/laravel-pwned-passwords)[ RSS](/packages/nickurt-laravel-pwned-passwords/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (8)Versions (15)Used By (0) Laravel Pwned Passwords ----------------------- [](#laravel-pwned-passwords) [![Build Status](https://github.com/nickurt/laravel-pwned-passwords/workflows/tests/badge.svg)](https://github.com/nickurt/laravel-pwned-passwords/actions)[![Total Downloads](https://camo.githubusercontent.com/76cb5765b38b717589289832d5283a19b95a5711c133ef73ae04d41472bb8f8a/68747470733a2f2f706f7365722e707567782e6f72672f6e69636b7572742f6c61726176656c2d70776e65642d70617373776f7264732f642f746f74616c2e737667)](https://packagist.org/packages/nickurt/laravel-plesk)[![Latest Stable Version](https://camo.githubusercontent.com/03635c5d85d5ae853c278a07f01d1cecb74533892f43c960cb1e55cd21a51901/68747470733a2f2f706f7365722e707567782e6f72672f6e69636b7572742f6c61726176656c2d70776e65642d70617373776f7264732f762f737461626c652e737667)](https://packagist.org/packages/nickurt/laravel-plesk)[![MIT Licensed](https://camo.githubusercontent.com/8ffbb5e061d9d653174f8cc1070d6757996085ba7f34f49a126e2dee64158efe/68747470733a2f2f706f7365722e707567782e6f72672f6e69636b7572742f6c61726176656c2d70776e65642d70617373776f7264732f6c6963656e73652e737667)](LICENSE.md) ### Installation [](#installation) Install this package with composer: ``` composer require nickurt/laravel-pwned-passwords ``` Copy the config files for the PwnedPasswords-plugin ``` php artisan vendor:publish --provider="nickurt\PwnedPasswords\ServiceProvider" --tag="config" ``` ### Examples [](#examples) #### Validation Rule - IsPwnedPassword [](#validation-rule---ispwnedpassword) ``` // FormRequest ... public function rules() { return [ 'password' => ['required', new \nickurt\PwnedPasswords\Rules\IsPwnedPassword(20)] ]; } // Manually ... $validator = validator()->make(request()->all(), ['password' => ['required', new \nickurt\PwnedPasswords\Rules\IsPwnedPassword(20)]]); ``` The `IsPwnedPassword`-rule has one optional paramter `frequency` (default 10) to validate the request. #### Manually Usage - IsPwnedPassword [](#manually-usage---ispwnedpassword) ``` $isPwnedPassword = \PwnedPasswords::setFrequency(20) ->setPassword('laravel-pwned-passwords') ->isPwnedPassword(); ``` #### Events [](#events) You can listen to the `IsPwnedPassword` event, e.g. if you want to log the `IsPwnedPassword`-requests in your application ##### IsPwnedPassword Event [](#ispwnedpassword-event) This event will be fired when the password is above the frequency of pwned passwords `nickurt\PwnedPasswords\Events\IsPwnedPassword` ### Tests [](#tests) ``` composer test ``` --- ### Health Score 59 — FairBetter than 99% of packages Maintenance88 Actively maintained with recent releases Popularity32 Limited adoption so far Community15 Small or concentrated contributor base Maturity83 Battle-tested with a long release history Bus Factor1 Top contributor holds 85.7% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~226 days Recently: every ~305 days Total 14 Last Release 60d ago Major Versions 1.11 → 2.02025-02-25 PHP version history (6 changes)1.0PHP ^7.0 1.1PHP ^7.1.3 1.2PHP ^7.2 1.8PHP ^8.0|^7.4 1.10PHP ^8.1 1.11PHP ^8.2 ### Community Maintainers ![](https://www.gravatar.com/avatar/41ad8e23eeb9da6d6c8495ba9bb8021aeeba1d45307b7dad2c70c3fa6703d713?d=identicon)[nickurt](/maintainers/nickurt) --- Top Contributors [![nickurt](https://avatars.githubusercontent.com/u/5840084?v=4)](https://github.com/nickurt "nickurt (30 commits)")[![ysbrandB](https://avatars.githubusercontent.com/u/72889753?v=4)](https://github.com/ysbrandB "ysbrandB (2 commits)")[![dependabot-preview[bot]](https://avatars.githubusercontent.com/in/2141?v=4)](https://github.com/dependabot-preview[bot] "dependabot-preview[bot] (1 commits)")[![Jessseee](https://avatars.githubusercontent.com/u/21026046?v=4)](https://github.com/Jessseee "Jessseee (1 commits)")[![RyanTheAllmighty](https://avatars.githubusercontent.com/u/1723537?v=4)](https://github.com/RyanTheAllmighty "RyanTheAllmighty (1 commits)") --- Tags have-i-been-pwnedhaveibeenpwnedlaravelpasswordspwnedpwned-passwordslaravelhaveibeenpwnedpwned-passwords ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/nickurt-laravel-pwned-passwords/health.svg) ``` [![Health](https://phpackages.com/badges/nickurt-laravel-pwned-passwords/health.svg)](https://phpackages.com/packages/nickurt-laravel-pwned-passwords) ``` ### Alternatives [akaunting/laravel-firewall Web Application Firewall (WAF) package for Laravel 999465.8k2](/packages/akaunting-laravel-firewall)[soved/laravel-gdpr GDPR compliance with ease 299127.5k2](/packages/soved-laravel-gdpr)[masterro/laravel-xss-filter Filter user input for XSS but don't touch other html 41254.5k](/packages/masterro-laravel-xss-filter)[dgtlss/warden A Laravel package that proactively monitors your dependencies for security vulnerabilities by running automated composer audits and sending notifications via webhooks and email 8745.6k](/packages/dgtlss-warden) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)