Pwned Passwords Check
Updated Jun 06, 2023
Version 2.0Was this article helpful?
session.custom.hibp.password is not required for this use case and exposes the users password in clear text in log files and in core dumps.
Instead, you can code and eliminate the extra VPE agent.
set password [ACCESS::session data get -secure session.logon.last.password]