[Extention Request] Check users email with "have i been pwned" API for security breach

This should be a very simple implemention to check if an account is using an email that has been breached. I know this might give some false positives but better to be aware of it then later to check if it is/was.

https://haveibeenpwned.com has a free API

Notes: When you first run a check it would probably give you some positives. That’s fine. You should just go over them and see if there’s any action needed or flag them as read.

The benefit comes after time when suddenly a user is flagged as having their email breached.

I’m using Wordfence for this, check out:


I also use WordFence and didn’t know it already had this built in! Thanks Jos :slight_smile:

1 Like