This plugin checks the HaveIBeenPwned site each time you enter a password to look if it has been pawned in a breach.
Note: Passwords is safely checked (only a hash is sent over the network).
Since the V3 version of the HaveIBeenPwned API (mid 2019), checking user names is not free anymore
(3.5$/month, see API V3 Key)...
So user name checking has been disabled in the latest version of this plugin.
Freely inspired from the equivalent keepass plugin