Analyze users for known data breaches with Have I Been Pwned

Inspired by: Albert-Jan Schot

Validate all your users against known breaches with the Have I Been Pwned API. That way you can quickly check whether any of your users appear in a known breach.

$m365Status = m365 status --output text

if ($m365Status -eq "Logged Out") {
    # Connection to Microsoft 365
    m365 login
}

# Have I Been Pwned API key (placeholder, replace with your own key)
$apiKey = "<PUTYOURKEYHERE>"

$users = m365 aad user list --properties "displayName,userPrincipalName" | ConvertFrom-Json
$i = 0

$users | ForEach-Object {
    $user = $_
    $i++
    Write-Host "Check HIBP status for user '$($user.userPrincipalName)' - ($i/$($users.length))"

    # Query Have I Been Pwned for this user's sign-in name
    $hibpStatus = m365 aad user hibp --userName $user.userPrincipalName --apiKey $apiKey --verbose | ConvertFrom-Json

    if ($hibpStatus -ne "No pwnage found") {
        Write-Host -ForegroundColor Red "Issue with user '$($user.userPrincipalName)'"
    }

    # Pause between requests to stay within the HIBP API rate limit
    Start-Sleep -Milliseconds 1500
}