Analyze users for known data breaches with have i been pwned
Summary
Validate all your users against known breaches with the have i been pwned api. That way you can quickly scan if your users are part of any known breaches.
$apiKey = "<PUTYOURKEYHERE>"
$m365Status = m365 status
if ($m365Status -match "Logged Out") {
# Connection to Microsoft 365
m365 login
}
$users = m365 aad user list --properties "displayName,userPrincipalName" | ConvertFrom-Json
$users | ForEach-Object {
$user = $_
$i++
Write-Host "Check HBIP status for user '$($user.userPrincipalName)' - ($i/$($users.length))"
$hbipStatus = m365 aad user hibp --userName $user.userPrincipalName --apiKey $apiKey --verbose | ConvertFrom-Json
if ($hbipStatus -ne "No pwnage found") {
Write-Host -ForegroundColor Red "Issue with user '$($user.userPrincipalName)'"
$hbipStatus
}
Start-Sleep -Milliseconds 1500
}
Check out the CLI for Microsoft 365 to learn more at: https://aka.ms/cli-m365
Important changes coming to the way you login into CLI for Microsoft 365 (effective 9th September 2024) see Changes in PnP Management Shell registration in Microsoft 365
Source Credit
Sample first appeared on Analyze users for known data breaches with have i been pwned | CLI for Microsoft 365
Contributors
Author(s) |
---|
Albert-Jan Schot |
Disclaimer
THESE SAMPLES ARE PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.