npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

passprotect

v1.0.0

Published

Protect your user's passwords.

Downloads

48

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

rdeggesrdegges

Keywords

passwordprotectapihaveibeenpwnedsecurityloginbreach

Readme

passprotect-js

Protect your user's passwords.

PassProtect demo

What is PassProtect?

PassProtect is a developer library created and maintained by Randall Degges that you can drop into any web page which dramatically improves the security of users accessing your website.

PassProtect works by binding itself to all input elements on the page of type email or password. Whenever a user enters a new value into one of these input elements, PassProtect will check the user's email / password against the fabulous Have I Been Pwned? API service to see whether or not the user's email OR password has been breached in the past.

Finally, if appropriate, PassProtect will inform the user that their credentials were previously breached, give them some useful information, and ask them to update their password as soon as they can to reduce the risk that their account will be compromised.

PassProtect is a new, experimental way to proactively notify users about data breaches and help casual web users play a more active role in protecting their online accounts.

We believe that by informing and guiding users to reset their credentials when necessary, we can all help make the web a safer place <3

How to Use PassProtect

To use PassProtect in your website, simply copy the following script tag anywhere on your page. Don't worry about where you put it: anywhere is fine. It will run once the page has loaded and will initialize itself without any configuration necessary.

<html>
  <head>
    <!-- ... -->
  </head>
  <body>
    <!-- ... -->
    <script src="https://cdn.passprotect.io/passprotect.min.js"></script>
  </body>
</html>

You'll ideally want to include the PassProtect script tag on every page that contains an input element. There is almost no performance penalty for including PassProtect on all pages of your site -- if a page doesn't contain any input elements, PassProtect won't do anything and will immediately exit.

To keep things simple, our recommended approach is to just include the PassProtect script on every page of your site.

Is PassProtect Secure?

YES!

PassProtect never sends or stores password information over the network. It uses k-Anonymity to safely communicate your sensitive data over the internet without risk.

PassProtect is also completely free, open source, and maintained by Randall Degges. If you want to audit the source, or have ideas about how to do things better, please open a GitHub issue or email me directly.

Changelog

1.0.0: May 24, 2018

  • Removing email breach detection functionality.

0.2.1: May 22, 2018

  • Improving form binding for posterity.

0.2.0: May 22, 2018

  • Removing redundant npm publish script.
  • Adding Firefox support.

0.1.0: May 19, 2018

  • First release! Yey.