svn commit: r475648 - head/security/pwned-check
Stefan Esser
se at FreeBSD.org
Sun Jul 29 11:52:43 UTC 2018
Author: se
Date: Sun Jul 29 11:52:42 2018
New Revision: 475648
URL: https://svnweb.freebsd.org/changeset/ports/475648
Log:
Add information about support of the online check to the package description.
Approved by: antoine (implicit)
Modified:
head/security/pwned-check/Makefile
head/security/pwned-check/pkg-descr
Modified: head/security/pwned-check/Makefile
==============================================================================
--- head/security/pwned-check/Makefile Sun Jul 29 11:51:20 2018 (r475647)
+++ head/security/pwned-check/Makefile Sun Jul 29 11:52:42 2018 (r475648)
@@ -2,14 +2,14 @@
# $FreeBSD$
PORTNAME= pwned-check
-PORTVERSION= 2.0
+PORTVERSION= 2.2
PORTEPOCH= 1
CATEGORIES= security
MASTER_SITES= #
DISTFILES= #
MAINTAINER= se at FreeBSD.org
-COMMENT= Check whether password is known to have been exposed in data breaches
+COMMENT= Check whether password is known to have been exposed in a data breach
LICENSE= BSD2CLAUSE
Modified: head/security/pwned-check/pkg-descr
==============================================================================
--- head/security/pwned-check/pkg-descr Sun Jul 29 11:51:20 2018 (r475647)
+++ head/security/pwned-check/pkg-descr Sun Jul 29 11:52:42 2018 (r475648)
@@ -2,9 +2,17 @@ Pwned Passwords are hundreds of millions of real world
data breaches. This exposure makes them unsuitable for ongoing use as they
are at much greater risk of being used to take over other accounts.
-This script uses a downloaded copy of the pwned passwort hashes available
-from https://haveibeenpwned.com/Passwords/ to allow passwords to be locally
-checked, whether they are known to have been obtained in a data breach and
-therefore should not be used.
+This script offers 2 methods to check whether a password has been exposed
+in an uncovered breach:
+
+1) Online check implemented in such a way that the password to be checked
+ does not need to be sent to the remote database server.
+
+2) Local check against a copy of the pawned passwords database.
+
+Since the local copy of the database requires nearly 20 GB of disk space
+(and a download of more than 10 GB of compressed data) the access via the
+online check should be preferred, if the compatible with operational and
+security requirements.
WWW: https://haveibeenpwned.com/
More information about the svn-ports-all
mailing list