Package org.springframework.security.authentication.password

Interface CompromisedPasswordChecker

All Known Implementing Classes:

HaveIBeenPwnedRestApiPasswordChecker

public interface CompromisedPasswordChecker

An API for checking if a password has been compromised.

Since:

6.3

Method Summary

Modifier and Type	Method	Description
CompromisedPasswordDecision	check(@Nullable String password)	Check whether the password is compromised.

Method Details

check

CompromisedPasswordDecision check(@Nullable String password)

Check whether the password is compromised. If password is null, then the return value must be false for CompromisedPasswordDecision.isCompromised() since a null password represents no password (e.g. the user leverages Passkeys instead).

Parameters:

password - the password to check

Returns:

a non-null CompromisedPasswordDecision