Preventing use of known-compromised passwords

If you are using a known-compromised password found in the HaveIBeenPwned.com database, you will be prompted to change your password after login or any other time you provide GitHub your password. Additionally, you will not be able to create or update an account with a known-compromised password.

Have feedback on this post? Let @github know on Twitter.
Need help or found a bug? Contact us.

Changelog

Subscribe

Discover new ways to build better

Try Marketplace apps free for 14 days

Learn more