Check CSV export of a keepassx database against haveibeenpwnd (k-anonymized)

check-keepass-passwords.py

#!/usr/bin/env python3
import csv
import sys
# https://github.com/lionheart/pwnedpasswords
import pwnedpasswords

def main():
    if len(sys.argv) == 0:
        print("USAGE: %s keepass-passwords.csv", sys.argv[0])
        sys.exit(1)
    with open(sys.argv[1]) as f:
        reader = csv.DictReader(f)
        for line in reader:
            password = line.get("Password", "")
            if password == "": continue
            pwned = pwnedpasswords.check(password)
            if pwned != 0:
                title = line.get("Title", "")
                print("Password %s for %s is insecure" % (password, title))
if __name__ == '__main__':
    main()