ubient / laravel-pwned-passwords

Simple Laravel validation rule that allows you to prevent or limit the re-use of passwords that are known to be pwned (unsafe). Based on Troy Hunt's Have I Been Pwned (https://haveibeenpwned.com)


the VALIDATION_ERROR_MESSAGE replaces :num with threshold

niekdemelker opened this issue · comments

Hi there,

First of all, thank you for the package.

I think I found a little bug: when the validation fails it always tells me the password has been found 1 time, because for my test I will not accept more. Now I know for sure the password 'Welcome01' has more than 1 security incident.

It seems you're replacing the :min with the configured threshold; probably you want to replace it with the result of $this->gateway->search($value)?

Besides, the message doesn't seem to be overwritable or translatable. Maybe you could move this to a publishable language file?

Hi,

Thanks for your issue & suggestion! I'll take a look at it later, as it's midnight around here and I just got into bed, but I definitely like the idea of a language file! 😅

Hi Niek,

Thanks again for your translations feature.

The bug you described by itself is actually expected behaviour. The error message itself also indicates this:

Password was found in at least :num prior security incident(s). Please choose a more secure password.

While it indeed doesn't show you the exact number of times that the password is known to be pwned, it does tell you that it's been pwned more than x times. If you want it to show a number more than 1 (like you described), you can set the threshold to a higher value.

I hope this clarifies things.
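To make the threshold semantics from this thread concrete, here is an added example (not the package's own code) that checks a password against a constructed stand-in for the Have I Been Pwned range-API response and fills `:num` either with the configured threshold, as the maintainer describes, or with the actual count, as the reporter asked for. The `build_sample_range_body`, `pwned_count` and `validate` names and the neighbour hash lines are assumptions made for this example; the only real input shape is the "suffix:count" line format of the HIBP range endpoint.

```python
import hashlib

# Error message as quoted in the thread; ":num" is filled with the threshold.
VALIDATION_ERROR_MESSAGE = (
    "Password was found in at least :num prior security incident(s). "
    "Please choose a more secure password."
)


def sha1_hex(password: str) -> str:
    """Upper-case hex SHA-1, the form the Pwned Passwords range API uses."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_sample_range_body(password: str, count: int) -> str:
    """Constructed stand-in for GET /range/<5-hex prefix> (offline example).

    The real API returns one "<35-hex suffix>:<count>" line per leaked hash
    sharing the prefix; the two neighbour lines and `count` are made up.
    """
    suffix = sha1_hex(password)[5:]
    return "\n".join([
        "0018A45C4D1DEF81644B54AB7F969B88D65:3",   # constructed neighbour
        f"{suffix}:{count}",                       # entry for our password
        "00D4F6E8FA6EECAD2A3AA415EEC418D38EC:12",  # constructed neighbour
    ])


def pwned_count(password: str, range_body: str) -> int:
    """Incident count for `password` according to a range-API body (0 = absent)."""
    suffix = sha1_hex(password)[5:]
    for line in range_body.splitlines():
        line_suffix, _, n = line.strip().partition(":")
        if line_suffix.upper() == suffix:
            return int(n)
    return 0


def validate(password: str, range_body: str, threshold: int = 1,
             report_actual: bool = False):
    """Return None when the password passes, otherwise the error message.

    With report_actual=False, ":num" is the configured threshold ("at least"),
    which is the behaviour the maintainer calls expected; with True it is the
    exact count the reporter expected to see.
    """
    count = pwned_count(password, range_body)
    if count < threshold:
        return None
    shown = count if report_actual else threshold
    return VALIDATION_ERROR_MESSAGE.replace(":num", str(shown))
```

Raising `threshold` is what turns "at least 1" into "at least N" without changing the count the API actually returned.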