Update to 1.2.4

andrew-schofield · andrew-schofield · commit d78ade54c071 · 2018-02-23T16:40:14.000Z
diff --git a/Changelog.md b/Changelog.md
@@ -1,5 +1,9 @@
 # keepass2-haveibeenpwned Changelog
 
+### v1.2.4 - 2018-02-23
+* Enable password check mode using the new HIBP v2 password API. Thanks to Matt Schneeberger.
+* Add breach description to checker dialog
+
 ### v1.2.3 - 2017-10-27
 * Temporarily disable the password check mode as it sends weakly hashed passwords (although encrypted) to HIBP.
 
diff --git a/HaveIBeenPwned.plgx b/HaveIBeenPwned.plgx
diff --git a/HaveIBeenPwned/Properties/AssemblyInfo.cs b/HaveIBeenPwned/Properties/AssemblyInfo.cs
@@ -10,7 +10,7 @@
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("Andrew Schofield")]
 [assembly: AssemblyProduct("KeePass Plugin")]
-[assembly: AssemblyCopyright("Copyright © Andrew Schofield  2017")]
+[assembly: AssemblyCopyright("Copyright © Andrew Schofield  2017-2018")]
 [assembly: AssemblyTrademark("")]
 [assembly: AssemblyCulture("")]
 
@@ -32,5 +32,5 @@
 // You can specify all the values or you can default the Build and Revision Numbers 
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("1.2.3.0")]
-[assembly: AssemblyFileVersion("1.2.3.0")]
+[assembly: AssemblyVersion("1.2.4.0")]
+[assembly: AssemblyFileVersion("1.2.4.0")]
diff --git a/README.md b/README.md
@@ -16,9 +16,9 @@
 * [Have I Been Pwned (HIBP)](https://haveibeenpwned.com/) - Checks the usernames of any entries against the Have I Been Pwned? list curated by Troy Hunt
 
 ### Password based
-~~[Have I Been Pwned (HIBP)](https://haveibeenpwned.com/) - Checks the passwords of any entries against the Have I Been Pwned? list curated by Troy Hunt~~
+* [Have I Been Pwned (HIBP)](https://haveibeenpwned.com/) - Checks the passwords of any entries against the Have I Been Pwned? list curated by Troy Hunt
 
-**This checker is disabled in the current version of the plugin** as the HIBP password checking API requires passwords to only weakly-hashed. Although these hashes are encrypted in transit, this is still an insecure way of checking password breaches. A future updates should enable offline password breach checking. See https://github.com/andrew-schofield/keepass2-haveibeenpwned/issues/33 for reference.
+**This checker sends a small portion of the password hash to HIBP and then checks the full hash locally against the list of hashes returned by HIBP. This service does not send your password, nor enough of the hash to expose your password to HIBP.**
 
 ## Usage
 
@@ -43,6 +43,7 @@ keepass2-haveibeenpwned is developed entirely in my own time. If you wish to sup
 
 [![Donate](https://img.shields.io/badge/Donate-PayPal-green.svg)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S2DVYTS47PX4S)
 
-## Copyright
+## Contributers
 
-&copy; 2017 Andrew Schofield
+* **Andrew Schofield**
+* **Matt Schneeberger**
diff --git a/VERSION b/VERSION
@@ -1,3 +1,3 @@
 :
-HaveIBeenPwned checker:1.2.3
+HaveIBeenPwned checker:1.2.4
 :
diff --git a/mono/HaveIBeenPwned.dll b/mono/HaveIBeenPwned.dll

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`	`1`	`:`
`2`		`-HaveIBeenPwned checker:1.2.3`
	`2`	`+HaveIBeenPwned checker:1.2.4`
`3`	`3`	`:`