Don Lampert donlampert

donlampert / pwned-password.md
Last active Jan 18, 2019
Check for compromised passwords outside of haveibeenpwned.com search/api

pwned password check

Checks the haveibeenpwned.com compromised passwords database for a given hashed password without sending said credential across the wire.

Get Password Data

  1. Install p7zip if you don't have it: brew install p7zip
  2. Download large 7zip pwned passwords file (SHA-1; I downloaded by prevalence): https://haveibeenpwned.com/Passwords
  3. Extract pwned passwords file: 7z e pwned-passwords-sha1-ordered-by-count-v4.7z

Search Password Data

  1. Get the SHA-1 hash of your password in uppercase ($NF keeps only the digest when openssl prefixes its output with "(stdin)= "): printf '%s' "<password>" | openssl sha1 | awk '{print toupper($NF)}'
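The lookup itself, sketched as an added example (not code from the original gist): hash the password locally, then scan the extracted file for that digest. The function names, the sha1sum fallback and the sample counts are assumptions made for illustration; the file is assumed to hold one HASH:COUNT entry per line.

```shell
#!/bin/sh
# Added example: offline lookup against an extracted Pwned Passwords SHA-1 file.
# Assumption: each line is HASH:COUNT, with HASH in uppercase hex.

# Read a password on stdin, print its uppercase SHA-1 digest.
sha1_upper() {
    if command -v openssl >/dev/null 2>&1; then
        openssl sha1 | awk '{print $NF}'   # drops any "(stdin)= " prefix
    else
        sha1sum | awk '{print $1}'         # assumption: coreutils fallback
    fi | tr 'a-f' 'A-F'
}

# pwned_count HASH FILE: print the count recorded for HASH, or 0 if absent.
pwned_count() {
    want=$1 file=$2
    case $want in
        *[!0-9A-F]*) echo "not an uppercase hex digest" >&2; return 2 ;;
    esac
    [ "${#want}" -eq 40 ] || { echo "SHA-1 must be 40 hex chars" >&2; return 2; }
    # The by-count file is not sorted by hash, so scan once and stop at the
    # first hit. index() forces a string match; $2 + 0 drops any trailing CR.
    LC_ALL=C awk -F: -v h="$want" '
        index($0, h ":") == 1 { print $2 + 0; found = 1; exit }
        END { if (!found) print 0 }' "$file"
}

# check_password FILE: prompt without echo so the password stays out of
# shell history, then look it up in the local file only.
check_password() {
    printf 'Password: ' >&2
    stty -echo; IFS= read -r pw; stty echo; printf '\n' >&2
    digest=$(printf '%s' "$pw" | sha1_upper); unset pw
    pwned_count "$digest" "$1"
}

# Constructed sample in the same layout (the counts are made up).
write_sample() {
    printf '%s\r\n' \
        '7C4A8D09CA3762AF61E59520943DC26494F8941B:300' \
        '5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8:200' > "$1"
}
```

Source the file and run check_password with the path of the extracted text file; a result of 0 means the digest is not in that copy of the data set.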