This enables checking passwords against the [Have-I-Been-Pwned](https://haveibeenpwned.com/Passwords) database.  Passwords are only checked on registration and when changed on the profile.

Additionally this can attempt to check the password from the browser using the same API

SMF 2.1.0 or higher only!