In [1]:
import hashlib
import requests


In [2]:
def get_sha1_hash(password):
    sha1 = hashlib.sha1(password.encode('utf-8')).hexdigest().upper()
    return sha1


In [3]:
def check_pwned_api(hash_prefix, hash_suffix):
    url = f"https://api.pwnedpasswords.com/range/{hash_prefix}"
    res = requests.get(url)
    if res.status_code != 200:
        raise RuntimeError(f"Error fetching data: {res.status_code}")
    
    hashes = (line.split(':') for line in res.text.splitlines())
    for h, count in hashes:
        if h == hash_suffix:
            return count
    return 0


In [4]:
def check_password_breach(password):
    sha1 = get_sha1_hash(password)
    prefix = sha1[:5]
    suffix = sha1[5:]
    count = check_pwned_api(prefix, suffix)
    
    if count:
        print(f"⚠️ Password found in {count} breaches! Choose a stronger one.")
    else:
        print("✅ Password not found in known breaches.")


In [5]:
password = input("Enter a password to check: ")
check_password_breach(password)


Enter a password to check: password123
⚠️ Password found in 864904 breaches! Choose a stronger one.


In [6]:
password = input("Enter a password to check: ")
check_password_breach(password)


Enter a password to check: 123456
⚠️ Password found in 130075037 breaches! Choose a stronger one.


### ✅ Summary

This tool checks whether a password has been involved in known data breaches using the HaveIBeenPwned API.

- It uses **SHA-1 hashing** and the **k-anonymity model**
- It returns how many times the password appeared in public breaches
- You can test common or custom passwords to see if they're safe

---

### 🔐 Example Run:
```
Enter a password to check: password123
⚠️ Password found in 864984 breaches! Choose a stronger one.
```