🔑securely checks a password to see if it has been previously exposed in a data breach
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore Initial commit Mar 29, 2018
.npmrc Initial commit Mar 29, 2018
.travis.yml fix build Mar 29, 2018
LICENSE Initial commit Mar 29, 2018
README.md Update README Apr 1, 2018
browser.html fix browser poc Mar 29, 2018
cli.js Add message box and comments Apr 1, 2018
index.js Initial commit Mar 29, 2018
package.json 1.0.2 Apr 1, 2018
screenshot.png Update screenshot 🌠 Apr 1, 2018
test.js Initial commit Mar 29, 2018
webpack.config.js add target library name Mar 29, 2018

README.md

passw0rd travis npm XO code style

🔑 securely checks a password to see if it has been previously exposed in a data breach

CLI 💻

  • Keeps your password hidden
  • Clears your clipboard automatically

Installation 🚀

Ensure you have Node.js version 5 or higher installed. Then run the following:

$ npm install --global passw0rd

Checking your password 🔍

$ passw0rd

CLI

API 📝

Installation

$ npm install passw0rd

Usage

const passw0rd = require('passw0rd');

passw0rd.check('passw0rd').then(res => {
	console.log(`Password was found ${res.count} times`);
});

Browser

Run the following command to get UMD version of the library under the dist folder

$ npm run build

<script src="https://cdn-path/dist/passw0rd.js"></script>

You can find the library on window.passw0rd. A very simple POC is available at browser.html

How it works ⚙

Pwned Passwords has implemented a k-Anonymity model that allows a password to be searched for by partial hash. This allows the first 5 characters of a SHA-1 password hash (not case-sensitive) to be passed to the API.

GET https://api.pwnedpasswords.com/range/{first 5 hash chars}

passw0rd is using Pwned Passwords API which searches through a database of more than 500 million passwords collected from various breaches.

Todo

  • Add CLI Help Menu
  • Add Icon / GIF
  • Add babel
  • Reduce bundle size using webpack
  • Write unit test cases
  • Improve performance for browser api
  • Improve browser POC
  • Move cli/lib to a different repo
  • Add security checks
  • Add to node-awesomejs

FAQ - Why is it named passw0rd? 💫

passw0rd is one of the most commonly used passwords and has been found 200297 times in various data breaches!

See Also

License

MIT © Dheeraj Joshi