Is there an option to disable Pwn'd password check

[thedragonkeeper]

I want to disable the check of is password is pwn'd but i cant find an option for it

Is this available somewhere or can it be added ?

[geoperez]

No, there is not an option. Let me add it.

Good catch!

[gpet-stack]

Any update ?

[ag0r4n]

Same problem here, passcore doesn' work behind a firewall not allowing internet access

[gpet-stack]

Passcore does not respect the proxy settings.

[ag0r4n]

Indeed, but at least it should work with no internet access ?

[gpet-stack]

I think that the Pwned Passwords API is always called.

[thedragonkeeper]

I believe it is always called , hence the issue posted, it will also sometimes lock up while trying to make the request. This makes passcore bad method for self service if you are behind a firewall/webfilter/proxy.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[insignia96]

Just wondering if we could get an update on this issue. I am also running it on a server without Internet access and have patched this issue myself by rebuilding the software from the source with this check bypassed.

[tablaty]

I also would like to know if this is being looked at. I updated to this latest version, but I had to revert back because of this feature. I made the process too long, it makes the service useless in my environment.
thanks

[geoperez]

@antonioi88 can you help us with this?

[x0341]

any updates ? the same issue even if the password and policy is good have always the same problem as this ticket.

[IamPhilG]

I do have the same issue.

I have checked against the API itself the password and in the end it is a safe password.
Due to my infrastructure, here, I am not able to allow calls to this API from the Backend. Is this guess about “the call to the api from the backend” true ?
Then with this implementation and without an option to not use the API check this version will not be for me.

A bit of guidance to the files to modify in the source code and I’ll do it myself.

Any update would be really appreciated.

[cservs]

Any updates ? Yes, i need full offline mode, without allowing internet access!

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[DartZEK]

Any updates? I'd prefer full offline mode too

[simonai1254]

I am running passcore in a closed environment too and would be happy to disable the checks (even though it's a great feature to have them). I had to downgrade to 4.2.3 to get it working without stumbling accross issue #605

[JoopIdema]

Just use version 3.61. Problem solved.

[simonai1254]

@JoopIdema IMHO old versions should not be the solution for a problem like this, this should be also pretty easy to fix...

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[simonai1254]

Keepalive

[dc540]

Is recompiling/manual patching or downgrading really the only way to fix this or work around it? Feels like much of the use-case for this application is closed-network usage.