HIBP

Introduction

This plugin makes use of the "Have I Been Pwned" password checker API, with the aim of improving password security for your site's users by preventing them from using a password that is known to have been compromised.

HaveIBeenPwned.com contains an archive of user credentials that have been made public after being hacked, and allows anyone to query the database to find out whether their credentials have been compromised.

For the purposes of validating a new password, the API can be used to determine whether the password being entered has already been compromised. If the requested password already exists in the HaveIBeenPwned database, it should be assumed to be insecure, because many hacking attempts will use existing known credentials when attempting to crack new passwords.

In addition, the API also returns the number of times that the specified password exists in the database. This can also be used to establish the security (or lack thereof) of a given password; if it exists many times in the database, then it is clearly a commonly used password, and thus vulnerable to attack even if it successfully passes the conventional complexity tests.

The "Have I Been Pwned" API is operated by noted security researcher Troy Hunt and is made available for free. It is recommended and used by major companies, governments and security agencies. It is secure to use because the way it works means that it never sends or receives a password, not even an encrypted or hashed one; only partial hashes are transmitted to it for it to check; this is not enough to identify a password.

Free

Notify Activation

By Simon Champion

User Management

This plugin creates a user note when an account is activated. This makes it easy for administrators to tell when the activation was done, and what method was used to activate it (ie did the user click a link in an activation email, or did an admin user activate them from the admin panel?) As of v2.2, the plugin can also send emails to either the user being activated or to the site admins, notifyi...

Free

Headline Marquee

By Simon Champion

News Display

This module displays text in a scrolling marquee. The content can be taken from titles of your Joomla articles, or K2 items, or from an external RSS feed. It is also possible to write additional plugins for it so you can load headlines from any data source you want....

Free

Integration for Question2Answer

By Simon Champion

Question & Answers

Question2Answer is a popular open-source application for running a Question and Answer board on your website. This plugin provides integration between Question2Answer and Joomla!. Features: Single sign-on: Users logged into your Joomla! site will be automatically logged into your Question2Answer board under the same username. ACL support: Use Joomla!'s ACL access levels to control who gets acce...

Free

Tag Filter for K2

By Simon Champion

K2 extensions

Tag Filter for K2 is a very simple module that provides a drop-down list of tags from your K2 items, allowing your user to quickly pick a tag that interests them without first having to know what tags exist. It gives your users a quick an convenient alternative to using the search field....

Free

Interface to the Numbers API

By Simon Champion

Education & Culture

A simple module that loads random trivia facts from the Numbers API (http://numbersapi.com/) and displays them on your Joomla! site. The module can be configured with various options, mapping to the options available on the API....

Free

Wolfram Widgets

By Simon Champion

Education & Culture

This is a simple module that displays a widget from Wolfram Alpha on your site. The module allows you to configure it with various options, allowing you to pick any of the widgets available from Wolfram Alpha, including a number of presets, or any others that have been created, or any that you might create for yourself....

Free

Random Strapline

By Simon Champion

Miscellaneous

Simple module that picks a random line of text from the module config to display on the site....

Free

Inlinetweet

By Simon Champion

Social Media

This plugin allows you to mark snippets of text in your page content as tweetable. The content will be rendered as a link that opens a twitter post window containing the relevant text. Includes options to specify a URL, twitter username and hashtags as extras...

Free

Restrict Usernames

By Simon Champion

User Management

Add restrictions to the username field. By default, Joomla is quite permissive with its usernames, allowing virtually any character. However there are reasons why some sites may want to restrict usernames to specific formats or character sets. This plugin allows you to do this. The plugin allows you to specify groups of characters that are permitted in usernames, and also a minimum/maximum lengt...

Free

Externaldisclaimer

By Simon Champion

Site Links

Pops up a disclaimer message whenever your site visitors click on a link to an external URL. Features: Treat any number of domains as 'internal', so they don't get the popup. Override patterns allow you specify certain internal links as external (eg for redirect links)...

Free

SC Random Article

By Simon Champion

Articles Display

A very simple plugin that allows you to set up a URL for each of your categories that will redirect to the page for a random article from that category. eg, something like this: http://mysite.com/mycat/random will select a random article from the mycat category, and redirect to it....

Free

Article Of The Day

By Simon Champion

Timed Content

This is a module that will select a random article for display each day (or other time period as you prefer) It is useful for sites with a lot of content that they wish to keep fresh as it allows older articles to be surfaced and rotated without effort....