{"id":19069178,"url":"https://github.com/edyatl/passchek","last_synced_at":"2025-04-28T14:10:27.338Z","repository":{"id":57450948,"uuid":"273064125","full_name":"edyatl/passchek","owner":"edyatl","description":"Passchek is a simple cli tool, checks if your password has been compromised.","archived":false,"fork":false,"pushed_at":"2023-05-12T15:49:33.000Z","size":930,"stargazers_count":7,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-18T16:29:04.328Z","etag":null,"topics":["check","cli","compromise","k-anonymity","password","pipeline","pwnedpasswords","security","utility"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/edyatl.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-06-17T19:43:56.000Z","updated_at":"2024-10-11T03:50:46.000Z","dependencies_parsed_at":"2024-11-09T01:14:02.145Z","dependency_job_id":"dff577f9-d5e8-4d13-b03a-36d52a720305","html_url":"https://github.com/edyatl/passchek","commit_stats":{"total_commits":18,"total_committers":1,"mean_commits":18.0,"dds":0.0,"last_synced_commit":"564ad128b065044e62eff490f0a2a36ed8aba96a"},"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edyatl%2Fpasschek","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edyatl%2Fpasschek/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edyatl%2Fpasschek/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edyatl%2Fpasschek/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/edyatl","download_url":"https://codeload.github.com/edyatl/passchek/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251326849,"owners_count":21571636,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["check","cli","compromise","k-anonymity","password","pipeline","pwnedpasswords","security","utility"],"created_at":"2024-11-09T01:13:38.117Z","updated_at":"2025-04-28T14:10:27.318Z","avatar_url":"https://github.com/edyatl.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"![Passchek logo](https://svgshare.com/i/Mmo.svg)\n\n\n# Passchek\n\n\n\u003e Passchek is a simple cli tool, checks if your password has been compromised.\n\n[![Version: v0.2.1](https://img.shields.io/badge/version-v0.2.1-blue)](https://github.com/edyatl/passchek)\n[![License: MIT](https://img.shields.io/badge/license-MIT-green)](https://github.com/edyatl/passchek/LICENSE)\n[![Python3](https://img.shields.io/badge/python-3.5%20%7C%203.6%20%7C%203.7-blue)](https://github.com/edyatl/passchek)\n\nPasschek is a python program for searching in [Troy Hunt's pwnedpassword API](https://haveibeenpwned.com/API/v3#SearchingPwnedPasswordsByRange) using the k-anonymity algorithm.\n\nPasschek was inspired by [jamesridgway](https://github.com/jamesridgway)/[pwnedpasswords.sh](https://github.com/jamesridgway/pwnedpasswords.sh) bash script.\n\n\n## Algorithm\n\n\n1. Hash the PASSWORD by SHA1.\n2. Split hash for 5 char prefix and 35 char suffix.\n3. Requests [Troy Hunt's pwnedpassword API](https://haveibeenpwned.com/API/v3#SearchingPwnedPasswordsByRange) for the prefix.\n4. Convert response to the dictionary with suffixes as keys and number of matches as values.\n5. And finally determine matches for initial PASSWORD by its hash suffix as a key.\n\n\n## Features\n\n\n- Checks one password or number of passwords.\n- Shows a text sentence about  compromising or just figures.\n- It can be used in shell pipes, it can read stdin.\n- It can display the SHA1 password hash in a tuple format (“prefix”, “suffix”) without an Internet request.\n\n\n## Usage\n\n\n```sh\n    Usage:\n        passchek.py [options] [\u003cPASSWORD\u003e]\n\n    Arguments:\n        PASSWORD Provide (password | passwords) as argument or leave blank to provide via stdin or prompt\n\n    Options:\n        -h, --help      Shows this help message and exit\n        -n, --num-only  Set output without accompanying text\n        -p, --pipe      For use in shell pipes, read stdin\n        -s, --sha1      Shows SHA1 hash in tuple (\"prefix\", \"suffix\") and exit\n        -v, --version   Shows current version of the program and exit\n```\n\n### Security Note\n\n\nPlease note that in case of using PASSWORD as command line argument it will be kept in .bash_history file in raw insecure format. Using via explicit prompt dialog is more secure and preferably.\n\n\n## Usage examples\n\n\nA) Call **passchek** without options and arguments, enter 'qwerty' as an example password. *Please note that when you are typing password via explicit prompt, nothing is displayed on the screen, this is normal and is used for security reasons.* After press Enter key you'll see a sentence in new line with number of matches in the pwnedpassword DB.\n\n```sh\n    $ python3 passchek.py \n    Enter password: \n    This password has appeared 3912816 times in data breaches.\n```\n\nB) Call **passchek** with option '-n' (--num-only) without arguments, enter 'qwerty' as an example password. After press Enter key you'll see a number in new line with matches in the pwnedpassword DB.\n\n```sh\n    $ python3 passchek.py -n \n    Enter password: \n    3912816\n```\n\nC) Call **passchek** with option '-s' (--sha1) without arguments, enter 'qwerty' as an example password. After press Enter key you'll see new line with the password hash in a tuple format (“prefix”, “suffix”).\n\n```sh\n    $ python3 passchek.py -s\n    Enter password: \n    ('B1B37', '73A05C0ED0176787A4F1574FF0075F7521E')\n```\n\nD) Call **passchek** with options '-ns' (--num-only --sha1) without arguments, enter 'qwerty' as an example password. After press Enter key you'll see new line with the password hash splited by space 'prefix suffix'.\n\n```sh\n    $ python3 passchek.py -ns\n    Enter password: \n    B1B37 73A05C0ED0176787A4F1574FF0075F7521E\n```\n\nE) Call **passchek** without options and with argument 'qwerty' as an example password. You'll see a sentence in new line with number of matches in the pwnedpassword DB. *Please note that using real password as an argument not recommended, for more details see [Security Note](#security-note).*\n\n```sh\n    $ python3 passchek.py qwerty\n    This password has appeared 3912816 times in data breaches.\n```\n\nF) Call **passchek** with option '-n' (--num-only) and with arguments 'qwerty', 'ytrewq', 'qazwsx' *(these three are very common weak passwords)* and 'jnfjdfksdjfbskjdeuhiseg' *(random typing)* as examples passwords. You'll see numbers in new lines with matches in the pwnedpassword DB. *Please don't forget about [Security Note](#security-note).*\n\n```sh\n    $ python3 passchek.py -n qwerty ytrewq qazwsx jnfjdfksdjfbskjdeuhiseg\n    3912816\n    33338\n    505344\n    0\n```\n\nG) Use **passchek** with options '-np' (--num-only --pipe) in pipe with `cat pass_list.txt` to check all passwords in text file (In this example text file was created as `ls .. \u003e pass_list.txt` in the script dir). You'll see numbers in new lines with matches in the pwnedpassword DB.\n\n```sh\n    $ cat pass_list.txt | python3 passchek.py -np\n    21\n    8\n    0\n    0\n    0\n    0\n    0\n    0\n    457\n```\n\nH) Let's count a number of compromised passwords in the previous example 'G'. \n\n```sh\n    $ cat pass_list.txt | python3 passchek.py -np | grep -v '^0' | wc -l\n    3\n```\nSo three passwords in our list have been compromised.\n\nI) To determine these three weak passwords we need to know their line numbers in the text file.\n\n```sh\n    $ cat pass_list.txt | python3 passchek.py -np | grep -vn '^0'\n    1:21\n    2:8\n    9:457\n```\n\nJ) Now we can get a list of strong passwords just delete lines with compromised.\n\n```sh\n    $ sed -i '1d;2d;9d;' pass_list.txt | python3 passchek.py -np | grep -v '^0' | wc -l\n    0\n```\nSo no more weak passwords detected.\n\n\n## Installation\n\n\nYou can simple download one script file [passchek.py](https://github.com/edyatl/passchek/blob/master/passchek/passchek.py) and use it with python3.\n\nOr try to install by pip.\n\nFirst check if package exists:\n\n```sh\n    $ python3 -m pip search passchek\n```\nInstall if package exists:\n\n```sh\n    $ python3 -m pip install --user passchek\n```\nOr just:\n```sh\n    $ pip3 install passchek\n```\n\n\n### Installation for Windows users\n\n\nIf you are want to use Passchek on Windows, first install Python 3 from https://www.python.org/downloads/windows/.\n\nWhile installation check at setup master  something like `Also install pip` to install package manager pip with Python 3:\n\n* [x] Also install pip version ...\n\nAfter Python 3 installation process type cmd.exe in run menu and press Enter to open console window.\n\nThen type in console window:\n```sh\n    C:\\Users\\User\u003e pip install passchek\n```\n\nTry **passchek**, enter 'qwerty' as an example password. *Please note that when you are typing password via explicit prompt, nothing is displayed on the screen, this is normal and is used for security reasons.* \n\n```sh\n    C:\\Users\\User\u003e passchek \n    Enter password: \n    This password has appeared 3912816 times in data breaches.\n```\n\n\n## Help\n\n\nFor help screen just provide `-h` or `--help` as a command line option.\n\nOption `-v` or `--version` shows current version.\n\n\n## Contributing\n\n\nThe main repository if the code is at https://github.com/edyatl/passchek\n\nI'm happy to take from you any patches, pull requests,  bug reports,  ideas about new functionality and so on.\n\nIf you find this project useful, don't forget to give it a star ⭐️ on Github  to show your support!\n\n\n## Thanks\n\n\nThanks to [Troy Hunt](https://www.troyhunt.com) for collecting data and providing API.\n\nThanks to [James Ridgway](https://github.com/jamesridgway) for [pwnedpasswords.sh](https://github.com/jamesridgway/pwnedpasswords.sh) bash script.\n\n\n## Authors\n\n\nYevgeny Dyatlov ([@edyatl](https://github.com/edyatl))\n\n\n## License\n\n\nThis project is licensed under the MIT License.\n\nCopyright (c) 2020 Yevgeny Dyatlov ([@edyatl](https://github.com/edyatl))\n\nPlease see the [LICENSE](https://github.com/edyatl/passchek/blob/master/LICENSE) file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedyatl%2Fpasschek","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fedyatl%2Fpasschek","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedyatl%2Fpasschek/lists"}