Add result of pwnd passwords as a number to the entries / is:weak search results #10891
stefan123t started this conversation in Ideas
Replies: 1 comment
If you get a hit on the HIBP results you should just change that password immediately. We won't store the results from HIBP in the database, a hit means you have a problem, address it now.
Summary
I do like both the `is:weak` search filter, as I can specify which columns to include in my list view, and the pwnd passwords under `';-- HIBP` added to the `Database > Database Reports` / Ctrl+Shift+R and introduced with #4438.
Examples
In the normal list view I can see and sort by the password strength but also by the password field itself.
Hence I can easily find any duplicate passwords.
I would like to have the results count from the HIBP report as a number in the normal list view.
I.e. when I run the HIBP report it returns some number of how frequently the password was used in leaks so far from the API:
So the password `password` with sha1sum prefix `5baa6` and remainder `1E4C9B93F3F0682250B6CF8331B7EE68FD8` appeared '10434003' times in HIBP password leaks.
If these numbers would be stored as a pwnd score to the passwords in the database, it could be easily shown afterwards as a separate column in the normal `is:weak` filter view.
Adding the sha1sum prefix `5baa6` as another column could also be used to check if passwords are duplicates without revealing / displaying the real password. But this is not a necessity.
Context
This can serve as a reminder that a password is likely insecure as it has been leaked to the public e.g. for password stuffing attacks.
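The prefix/remainder lookup described in the post, as an added example (not part of the original discussion and not the project's code): it splits the SHA-1 of a password, reads the count from a constructed `SUFFIX:COUNT` range response, and shows that a shared 5-character prefix only hints at a duplicate, because different strings can collide on those 20 bits. All function names and the second sample line are assumptions made for this example.

```python
import hashlib
from collections import defaultdict

# Constructed sample of a range response for prefix 5BAA6 ("SUFFIX:COUNT" per line).
# The first pair is the one quoted in the post; the second is made up for this example.
SAMPLE_RANGE_BODY = "\r\n".join([
    "1E4C9B93F3F0682250B6CF8331B7EE68FD8:10434003",
    "0" * 34 + "A:3",
])

def split_sha1(password):
    """Return (5-char prefix, 35-char remainder) of the uppercase SHA-1 hex digest."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def parse_range_body(body):
    """Parse "SUFFIX:COUNT" lines into {suffix: count}, rejecting malformed lines."""
    counts = {}
    for line in body.split():  # lines contain no spaces, so this also skips blanks
        suffix, sep, count = line.partition(":")
        if not sep or len(suffix) != 35 or not count.isdigit():
            raise ValueError(f"malformed range line: {line!r}")
        counts[suffix.upper()] = int(count)
    return counts

def pwned_count(password, range_body):
    """Leak count for the password, or 0 when its remainder is not in the response."""
    _, suffix = split_sha1(password)
    return parse_range_body(range_body).get(suffix, 0)

def group_by_prefix(entries):
    """Map SHA-1 prefix -> entry titles, keeping only prefixes shared by 2+ entries."""
    groups = defaultdict(list)
    for title, password in entries.items():
        groups[split_sha1(password)[0]].append(title)
    return {p: sorted(t) for p, t in groups.items() if len(t) > 1}

def first_prefix_collision(candidates):
    """Return two different strings sharing a 5-char prefix: same prefix != same password."""
    seen = {}
    for candidate in candidates:
        prefix = split_sha1(candidate)[0]
        if prefix in seen and seen[prefix] != candidate:
            return seen[prefix], candidate
        seen[prefix] = candidate
    return None

if __name__ == "__main__":
    print(pwned_count("password", SAMPLE_RANGE_BODY))
```

Only the 5-character prefix would ever be sent to the range API; the remainder is matched locally against the returned lines.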