Checkt pwnedpasswords.com in a secure way
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
pywnedpasswords Run black against this Jan 3, 2019
.gitignore Add .vscode to gitignore Jan 2, 2019
.pre-commit-config.yaml Run black Jan 3, 2019
.pyup.yml Change pyup to weekly Jan 11, 2019
.travis.yml Fix travis Jan 3, 2019
LICENSE Initial commit Feb 21, 2018
README.md
pyproject.toml
requirements-dev.txt Update pre-commit from 1.14.3 to 1.14.4 Feb 18, 2019
requirements.txt Add test requirements Apr 29, 2018
setup.cfg flake8 compliance Apr 29, 2018
setup.py simplify setup module as pypi now supports markdown Apr 29, 2018

README.md

pywnedPasswords

Build Status

This script uses the pwnedpasswords.com v2 api to check your password in a secure way (using the K-anonymity method)

The full Hash is never transmitted over the wire, only the first 5 characters. The comparison happens offline.

Special thanks to Troy Hunt (@troyhunt) for making this script possible.

Installation

pip install pywnedpasswords

Usage

Interactive

pywnedpasswords

Insert your password when asked.

the output will either be:

Password to check:

Found your password 47205 times.

or in case your password is secure

Password to check:

Your password did not appear in PwnedPasswords yet.

Passing the password as a command line argument

Discouraged - as it might leaves the password in your shell history

pywnedpasswords Passw0rd

Found your password 46980 times.

Piping the password

Discouraged - as it might leaves the password in your shell history

echo -n 'Passw0rd!' | pywnedpasswords 

Found your password 46980 times.

Reading passwords from a file

pywnedpasswords -f list-of-passwords.txt

Result is in the form: <line number>: <number of time the password was found>. 0 meaning the password is not known from Have I Been Pwned yet.

0: 7026
1: 45337
2: 376
3: 51
4: 27
5: 11
6: 136
7: 1
8: 6
9: 1
10: 0
11: 0
12: 0

Exit code

The pywnedpasswords exits with code 2 if the password is know of Have I Been Pwned already, and exit code 0 otherwise.

© xmatthias 2018