Skip to content

Instantly share code, notes, and snippets.


Don Lampert donlampert

View GitHub Profile
donlampert /
Last active Jan 18, 2019
Check for compromised passwords outside of search/api

pwned password check

Checks the compromised passwords database for a given hashed password without sending said credential across the wire.

Get Password Data

  1. Install p7zip if you don't have it: brew install p7zip
  2. Download large 7zip pwned passwords file (SHA-1; I downloaded by prevalence):
  3. Extract pwned passwords file: 7z e pwned-passwords-sha1-ordered-by-count-v4.7z

Search Password Data

  1. Get SHA-1 hashed version of your password and make it uppercase: echo -n "<password>" | openssl sha1 | awk '{print toupper($0)}'
You can’t perform that action at this time.