[Xon] Password Tools 3.9.0

• Reduce queries when triggering forced email 2fa
• Prevent rare DuplicateKeyException when forcing email 2fa and multiple tabs are being used

Thanks to @NamePros for sponsoring this update.

• Update compromised password alert text to be less awkward
• On updating passwords, remove any compromised password alerts to avoid user confusion
• Add "Force email two factor authentication on compromised password" option (default disabled)
• Add "Pwned password minimum count (soft)" option.
  This allows a user to change a password to a known compromised value which is under a given number of known hits. This still generates compromised password alerts

• Force global namespace for functions which are known to be optimizable to bytecode in php, or known global functions to avoid a current namespace lookup for the function.
• Add "On login; alert the user if they have a known compromised password" option (default enabled)
• Add "Minimum time between triggering compromised password alerts on login" option (default 24 hours)

Click to expand...