Currently, Hudu only flags passwords via the built‑in HaveIBeenPwned feature, not via manual internal overrides.
It would be incredibly useful to have the ability to manually mark a password as compromised—even if it hasn’t appeared in a breach—and then automatically flag or locate all other instances of the same password across the Hudu instance. That way we can proactively audit and rotate shared credentials internally without relying solely on Hudu’s external breach monitor.