Earlier this week I posted this blog post that showed a working example of usingĀ a custom Pwned Password FIM/MIM Management Agent to flag a boolean attribute in the MIM Service to indicate whether a users password is in the pwned passwords dataset or not.… keep reading
Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager
Update: An element of this solutionĀ details checking passwords online (using the Have I Been Pwned API). Troy explains succinctly in his blog-post announcing the pwned passwords list why this is a bad idea. If you are looking to implement the concept I detail in this post then WE STRONGLY recommend using a local copy of the pwned password list.… keep reading