Have I Been Pwned

Episode #470 by Teacher's Avatar David Kimura

Summary

Pwned Passwords are hundreds of millions of real world passwords previously exposed in data breaches.In this episode, we will look at adding this integration into our Rails applications where Devise or Action Auth are used as the authentication solutions.
rails authentication security 12:52

Chapters

  • Introduction (0:00)
  • Adding Devise (1:06)
  • Introducing Have I Been Pwned (3:34)
  • Adding the pwned functionality to devise (4:57)
  • Testing pwned on devise (5:21)
  • Configuring pwned settings (5:36)
  • Quick note about security (6:14)
  • Check existing passwords (7:09)
  • ActionAuth Overview (8:12)
  • Installing ActionAuth (8:53)
  • Understanding how ActionAuth extends functionality (10:00)
  • Testing out basic ActionAuth install (10:32)
  • Adding Have I Been Pwned integration (10:55)
  • Installing passkey support (11:16)
  • Testing passkeys (11:58)
  • Final thoughts (12:39)
Student & Teacher
$ 9 /mo

Valid School Email Required

Same Access as Pro

Subscribe Now
Pro Monthly
$ 19 /mo

Access to Pro Episodes

Invite to Slack Channel

Priority Suggestions

Ad Free

Subscribe Now
Pro Annual
$ 190 /yr

Access to Pro Episodes

Invite to Slack Channel

Priority Suggestions

Ad Free

Subscribe Now
Teams
$ 57 /mo

3 Users Minimum

$19.00 / user / month

Same Access as Pro

Subscribe to Teams