Analyze users for known data breaches with have i been pwned

Summary

Validate all your users against known breaches with the have i been pwned api. That way you can quickly scan if your users are part of any known breaches.

• CLI for Microsoft 365

Copied

$apiKey = "<PUTYOURKEYHERE>"
$m365Status = m365 status

if ($m365Status -match "Logged Out") {
    # Connection to Microsoft 365
    m365 login
}

$users = m365 aad user list --properties "displayName,userPrincipalName" | ConvertFrom-Json

$users | ForEach-Object {
    $user = $_
    $i++
    Write-Host "Check HBIP status for user '$($user.userPrincipalName)' - ($i/$($users.length))"

    $hbipStatus = m365 aad user hibp --userName $user.userPrincipalName --apiKey $apiKey --verbose | ConvertFrom-Json

    if ($hbipStatus -ne "No pwnage found") {
        Write-Host -ForegroundColor Red "Issue with user '$($user.userPrincipalName)'"
        $hbipStatus
    }

    Start-Sleep -Milliseconds 1500
}

Check out the CLI for Microsoft 365 to learn more at: https://aka.ms/cli-m365

Important changes coming to the way you login into CLI for Microsoft 365 (effective 9th September 2024) see Changes in PnP Management Shell registration in Microsoft 365

Source Credit

Sample first appeared on Analyze users for known data breaches with have i been pwned | CLI for Microsoft 365

Contributors

Author(s)
Albert-Jan Schot

Disclaimer

THESE SAMPLES ARE PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.