script to locally check if your password has been breached using haveibeenpwned.com hashes #bash

is-this-password-pwned.sh

#!/bin/bash
# description       script to locally check if your password has been breached using haveibeenpwned.com hashes
# usage             bash mkscript.sh
# dependencies      bash, 7z, grep, wget
#==============================================================================

# checking prerequirements
sha1HashFile="pwned-passwords-sha1-ordered-by-hash-v5"
if ! test -f "$sha1HashFile.txt"; then
    read -p "Password hashes not found. Download the file now? (y/n)" -n 1 -r
    echo
    if [[ $REPLY =~ ^[Yy]$ ]]; then
        echo Downloading sha1 hashes ...
        wget https://downloads.pwnedpasswords.com/passwords/pwned-passwords-sha1-ordered-by-hash-v5.7z
        if ! test -f "$sha1HashFile.7z"; then
            echo Could not find the downloaded file \("$sha1HashFile".7z\). Aborting.
            exit 1
        fi
        echo Extracting sha1 hashes from 7z ...
        7z x "$sha1HashFile".7z
        if ! test -f "$sha1HashFile.txt"; then
            echo Unable to find the extracted txt file \("$sha1HashFile".txt\). Aborting.
            exit 1
        fi
    fi
fi

# reading Password and checking if the hash exists within the breaches
echo -n "Enter the password you would like to check: "
read -s -r password
echo
sha1=$(echo -n "$password" | sha1sum | awk '{print $1}' | tr '[:lower:]' '[:upper:]')
echo "Checking if the password hash is in the list..."

if grep -q "$sha1" "$sha1HashFile".txt
then
    echo !! THIS PASSWORD WAS PART OF A BREACH. CHANGE IT EVERYWHERE YOU USE IT AND DON\'T USE IT AGAIN.
else
    echo Password NOT found
fi