Analyze users for known data breaches with have I been pwned
Inspired by: Albert-Jan Schot
Validate all your users against known breaches with the have I been pwned API. That way you can quickly scan if your users are part of any known breaches.
- PowerShell
$apiKey = "<PUTYOURKEYHERE>"
$m365Status = m365 status --output text
if ($m365Status -eq "Logged Out") {
# Connection to Microsoft 365
m365 login
}
$users = m365 entra user list --properties "displayName,userPrincipalName" | ConvertFrom-Json
$users | ForEach-Object {
$user = $_
$i++
Write-Host "Check HBIP status for user '$($user.userPrincipalName)' - ($i/$($users.length))"
$hbipStatus = m365 entra user hibp --userName $user.userPrincipalName --apiKey $apiKey --verbose | ConvertFrom-Json
if ($hbipStatus -ne "No pwnage found") {
Write-Host -ForegroundColor Red "Issue with user '$($user.userPrincipalName)'"
$hbipStatus
}
Start-Sleep -Milliseconds 1500
}