For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Pwned Passwords Check

Problem this snippet solves: This snippet makes it possible to use Troy Hunt’s ‘Pwned Passwords’ API. By using this API one can check if the password being used was exposed in earlier data breaches....

Updated Jun 06, 2023

Version 2.0

api

application delivery

BIG-IP Access Policy Manager (APM)

MVP

Joined May 16, 2019

View Profile

EricBrokeIt_245

Nimbostratus

Sep 10, 2018

All this is 12.x mind you.

Yeah, it doesn't seem to be logging anything in the LTM related to it. Added a log item in the iRule just to see if it was hitting and got nothing, even put in something to show that a password was at least hitting the VA-Get Password. Still nothing.

So went into APM and made a lot setting to debug everything with everything on. I see the IE-HIBP hit and fallback. But it happens on every password, used a test users with a 23 character randomly generated password with all the number, special character, capitals, etc, options. it hits fallback every time.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Pwned Passwords Check

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS