Skip to content

Instantly share code, notes, and snippets.

@phdesign
Last active September 29, 2018 13:03
Show Gist options
  • Save phdesign/90a47538d65df9dcc0dec23bca85b4d3 to your computer and use it in GitHub Desktop.
Save phdesign/90a47538d65df9dcc0dec23bca85b4d3 to your computer and use it in GitHub Desktop.
Bash One-Liner to Check Your Password(s) via pwnedpasswords.com’s API Using the k-Anonymity Method
echo "Enter your password:"; read -s pass_str; sha1=$(echo -n $pass_str | tr -d '\n' | openssl sha1); echo "Hash prefix: ${sha1:0:5}"; echo "Hash suffix: ${sha1:5:35}"; result=$(curl https://api.pwnedpasswords.com/range/${sha1:0:5} 2>/dev/null | grep $(echo ${sha1:5:35} | tr '[:lower:]' '[:upper:]')); printf "Your password appeared %d times in the database.\\n" "${result#*:}" 2>/dev/null
@phdesign
Copy link
Author

Updated for Mac support

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment