Have I been pwned
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
Cargo.toml Use Rayon Feb 11, 2019
README.md Add README.md Feb 12, 2019


Check your Keepass database against HIBP

Have I been pwned (HIBP) is a service which tracks leaks of personal data. It records the various breaches and stores the associated password.

If you use KeePass or compatible programs such as the excellent KeePassXC for Linux, you might want to check which of your passwords are weak. A password is weak if it has been revealed in previous breaches, as dictionary attacks will probably include it.


You can compile hibp-check by running the cargo utility:

$ cargo build --release

You can then install the executable on your system by running:

$ sudo install -c -m 755 target/release/hibp-check /usr/local/bin

Running hibp-check

If your KeePass database is located in ~/keepass/passwords.kdbx, you can run hibp-check the following ways:

If you have installed hibp-check on your system

$ hibp-check keepass --ask-password ~/keepass/passwords.kdbx

If you haven't yet installed hibp-check on your system

$ cargo run --release -- keepass --ask-password ~/keepass/passwords.kdbx

Password and key file variation

If you don't use a password, you can omit the --ask-password option. If you use a key file (possibly in addition to a password), add --key-file FILE to the command line.

You may also prefer to indicate your password on the command line using --password PASSWORD, but this is not recommended as anyone logged onto the same machine will be able to snoop your password using the ps Unix command.

Also, if you want the compromised passwords to appeared in plain text on the console, you can add the --show-password before keepass on the command line.