PHPackages                             ron-maxweb/pwned-passwords - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. ron-maxweb/pwned-passwords

Abandoned → [mxrxdxn/pwned-passwords](/?search=mxrxdxn%2Fpwned-passwords)Library[Security](/categories/security)

ron-maxweb/pwned-passwords
==========================

A library to query Troy Hunt's Pwned Passwords service to see whether or not a password has been included in a public breach.

v2.1.0(4y ago)322745[1 PRs](https://github.com/mxrxdxn/pwned-passwords/pulls)MITPHPPHP ^7.3 | ^8.0

Since Feb 22Pushed 3mo ago2 watchersCompare

[ Source](https://github.com/mxrxdxn/pwned-passwords)[ Packagist](https://packagist.org/packages/ron-maxweb/pwned-passwords)[ RSS](/packages/ron-maxweb-pwned-passwords/feed)WikiDiscussions master Synced yesterday

READMEChangelog (4)Dependencies (3)Versions (8)Used By (0)

PwnedPasswords
==============

[](#pwnedpasswords)

A library to query Troy Hunt's Pwned Passwords service to see whether or not a password has been included in a public breach.

Requirements
============

[](#requirements)

- PHP &gt;= 7.2

Installation
============

[](#installation)

Installing PwnedPasswords is made easy via Composer. Just require the package using the command below, and you are ready to go.

```
composer require mxrxdxn/pwned-passwords

```

Usage
=====

[](#usage)

To use the library, you can do something along the lines of the following.

```
require_once('vendor/autoload.php');

$pp = new PwnedPasswords\PwnedPasswords;

$password = '123456789';

$insecure = $pp->isPwned($password); //returns true or false
```

The `isPwned` method will return true if the password has been found in the PwnedPasswords API, and false if not.

If you want to build your own thresholds (Ex. display a warning if the password has been found more than once and an error if more than 5x) you can call the `isPwned` method like below.

```
$pp = new PwnedPasswords\PwnedPasswords;

$password = '123456789';

$insecure = $pp->isPwned($password, true);

if ($insecure) {
    echo 'Oh no — pwned!' . "\n";
    echo sprintf('This password has been seen %d time%s before.', $insecure, ($insecure > 1 ? 's' : ''));
} else {
    echo 'All good!';
}
```

Issues
======

[](#issues)

Please feel free to use the Github issue tracker to post any issues you have with this library.

###  Health Score

45

—

FairBetter than 91% of packages

Maintenance54

Moderate activity, may be stable

Popularity23

Limited adoption so far

Community16

Small or concentrated contributor base

Maturity73

Established project with proven stability

 Bus Factor1

Top contributor holds 87.1% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~255 days

Recently: every ~319 days

Total

6

Last Release

1771d ago

Major Versions

v1.2.0 → v2.0.02019-03-15

PHP version history (5 changes)v1.0.0PHP &gt;=5.0.0

v1.1.0PHP &gt;=7.0.0

v1.2.0PHP &gt;=7.1.3

v2.0.0PHP &gt;=7.2

v2.1.0PHP ^7.3 | ^8.0

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/23401787?v=4)[Ron](/maintainers/mxrxdxn)[@mxrxdxn](https://github.com/mxrxdxn)

---

Top Contributors

[![azjezz](https://avatars.githubusercontent.com/u/29315886?v=4)](https://github.com/azjezz "azjezz (27 commits)")[![mxrxdxn](https://avatars.githubusercontent.com/u/23401787?v=4)](https://github.com/mxrxdxn "mxrxdxn (1 commits)")[![pocketarc](https://avatars.githubusercontent.com/u/5393?v=4)](https://github.com/pocketarc "pocketarc (1 commits)")[![ramiror](https://avatars.githubusercontent.com/u/372955?v=4)](https://github.com/ramiror "ramiror (1 commits)")[![sapphyrus](https://avatars.githubusercontent.com/u/22681389?v=4)](https://github.com/sapphyrus "sapphyrus (1 commits)")

---

Tags

breachpasswordpassword-strengthpasswordsphpphp7pwnedpasswordssecuritysecuritypasswordpasswords

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/ron-maxweb-pwned-passwords/health.svg)

```
[![Health](https://phpackages.com/badges/ron-maxweb-pwned-passwords/health.svg)](https://phpackages.com/packages/ron-maxweb-pwned-passwords)
```

###  Alternatives

[akaunting/laravel-firewall

Web Application Firewall (WAF) package for Laravel

1.0k494.9k2](/packages/akaunting-laravel-firewall)[unicodeveloper/laravel-password

Protect your users from entering dumb and common passwords

4251.4M5](/packages/unicodeveloper-laravel-password)[jeremykendall/password-validator

Password Validator validates password\_hash generated passwords, rehashes passwords as necessary, and will upgrade legacy passwords.

14270.3k3](/packages/jeremykendall-password-validator)[jorijn/laravel-security-checker

Added Laravel functionality to the Enlightn Security Checker. Adds a command to check for, and optionally emails you, vulnerabilities when they affect you.

2031.9M1](/packages/jorijn-laravel-security-checker)[rych/phpass

PHP Password Library: Easy, secure password management for PHP

248837.5k4](/packages/rych-phpass)[mxrxdxn/pwned-passwords

A library to query Troy Hunt's Pwned Passwords service to see whether or not a password has been included in a public breach.

3377.0k4](/packages/mxrxdxn-pwned-passwords)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
