Table of contents
In this post, you will learn how to verify in Laravel Password validation if the password submitted is not in the data leak. Every day many websites have been hacked and passwords leaked publicly. So we need to learn if your password is still secured to use.
In the previous version of Laravel 8.x they released a feature that easy to validate if the password is compromised. You can visit my previous tutorial about Laravel strong password validation here.
Let's say you have a
Request class already for your registration form. Inside of the
rules() method let's add the password validation. See the following code below:
return [ 'password' => [ 'required', Password::min(8) ->uncompromised() ], 'password_confirmation' => 'required|same:password' ];
As you can see using
Password::min(8)->uncompromised() you will easily determine if your password has been leaked and if still secured to use.
Take note that calling this method will take a few seconds because behind the scene this method will call an API to validate it.
That's it I hope it helps. Thank you.