/// <summary> /// Check if a password has been pwned /// </summary> /// <param name="password">The password to check</param> /// <returns>Number of instances the password has been pwned</returns> public async Task <int> CheckPassword(string password) { int result = 0; var passwordHashBytes = PasswordHasher.HashPassword(password); var passwordHash = PasswordHasher.ConvertHashToString(passwordHashBytes); var passwordHashPrefix = passwordHash.Substring(0, 5); var response = await CheckIfPwned(passwordHashPrefix).ConfigureAwait(false); if (response.Any()) { var passwordHashSuffix = passwordHash.Substring(6); var breaches = response .Split(new string[] { "\n", "\r\n" }, StringSplitOptions.RemoveEmptyEntries) .Where(r => r.ToLowerInvariant().Contains(passwordHashSuffix.ToLowerInvariant())) .ToList(); breaches.ForEach(fe => { var breach = fe.Split(':'); result += int.Parse(breach[1]); }); } return(result); }