{"id":14156596,"url":"https://github.com/mathiscode/password-leak","last_synced_at":"2025-04-04T23:07:34.531Z","repository":{"id":34978023,"uuid":"193366355","full_name":"mathiscode/password-leak","owner":"mathiscode","description":"A library to check for compromised passwords","archived":false,"fork":false,"pushed_at":"2025-02-19T17:42:27.000Z","size":1282,"stargazers_count":97,"open_issues_count":0,"forks_count":7,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-03-28T22:14:43.872Z","etag":null,"topics":["haveibeenpwned","javascript-library","password-safety","security-tools"],"latest_commit_sha":null,"homepage":"https://password-leak.vercel.app","language":"CSS","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mathiscode.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["mathiscode"]}},"created_at":"2019-06-23T15:44:07.000Z","updated_at":"2025-02-28T03:02:27.000Z","dependencies_parsed_at":"2024-01-05T19:29:10.461Z","dependency_job_id":"6ee1aca4-05f8-407c-bff8-f88873320a69","html_url":"https://github.com/mathiscode/password-leak","commit_stats":{"total_commits":75,"total_committers":3,"mean_commits":25.0,"dds":0.09333333333333338,"last_synced_commit":"e51cc7c752840d5f1fd4c3369fad24a7a6141d9f"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mathiscode%2Fpassword-leak","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mathiscode%2Fpassword-leak/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mathiscode%2Fpassword-leak/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mathiscode%2Fpassword-leak/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mathiscode","download_url":"https://codeload.github.com/mathiscode/password-leak/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247261603,"owners_count":20910108,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["haveibeenpwned","javascript-library","password-safety","security-tools"],"created_at":"2024-08-17T08:06:51.127Z","updated_at":"2025-04-04T23:07:34.510Z","avatar_url":"https://github.com/mathiscode.png","language":"CSS","funding_links":["https://github.com/sponsors/mathiscode"],"categories":["security-tools"],"sub_categories":[],"readme":"\u003c!-- markdownlint-disable MD026 --\u003e\n\n# @mathiscode/password-leak \u003c!-- omit in toc --\u003e\n\n[![Live Demo](https://img.shields.io/badge/live-demo-blue?style=for-the-badge)](https://password-leak.vercel.app)\n\n[![Version](https://img.shields.io/npm/v/@mathiscode/password-leak.svg?color=blue)](https://www.npmjs.com/package/@mathiscode/password-leak)\n[![Downloads](https://img.shields.io/npm/dm/@mathiscode/password-leak.svg?color=blue)](https://www.npmjs.com/package/@mathiscode/password-leak)\n[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-blue.svg)](https://github.com/mathiscode/password-leak/compare)\n[![GitHub license](https://img.shields.io/github/license/mathiscode/password-leak.svg?color=blue)](https://github.com/mathiscode/password-leak/blob/master/LICENSE.md)\n[![Known Vulnerabilities](https://snyk.io/test/github/mathiscode/password-leak/badge.svg?targetFile=package.json)](https://snyk.io/test/github/mathiscode/password-leak?targetFile=package.json)\n\n---\n\n- [Introduction](#introduction)\n- [How is this safe?](#how-is-this-safe)\n- [Installation](#installation)\n- [Usage in Browser](#usage-in-browser)\n- [Usage in Node.js](#usage-in-nodejs)\n  - [With import/await](#with-importawait)\n  - [With require/sync](#with-requiresync)\n- [Usage in Command Line](#usage-in-command-line)\n- [Development](#development)\n\n---\n\n## Introduction\n\n`password-leak` is a JavaScript module that can be used to determine if a password is compromised by checking with the [Have I Been Pwned API](https://haveibeenpwned.com/API/).\n\n## How is this safe?\n\nYour passwords are **NEVER** transmitted to any other system. This library makes use of the [Have I Been Pwned API](https://haveibeenpwned.com/API/), which implements a [k-Anonymity Model](https://en.wikipedia.org/wiki/K-anonymity) so your password can be checked without ever having to give it to any other party.\n\n## Installation\n\n`npm install @mathiscode/password-leak@latest`\n\n## Usage in Browser\n\n```html\n\u003cscript src=\"https://unpkg.com/@mathiscode/password-leak@latest\"\u003e\u003c/script\u003e\n\n\u003cscript\u003e\n  const isLeaked = await isPasswordLeaked('myPassword')\n  const strength = await checkPasswordStrength('myPassword')\n  console.log('Is leaked?', isLeaked)\n  console.log('Strength', strength)\n\u003c/script\u003e\n```\n\n## Usage in Node.js\n\n### With import/await\n\n```js\nimport isPasswordLeaked from '@mathiscode/password-leak'\n\nconst isLeaked = await isPasswordLeaked('myPassword')\nconst strength = await checkPasswordStrength('myPassword')\nconsole.log('Is leaked?', isLeaked)\nconsole.log('Strength', strength)\n```\n\n### With require/sync\n\n```js\nconst { checkPasswordStrength, isPasswordLeakedSync } = require('@mathiscode/password-leak')\n\nisPasswordLeakedSync('myPassword', (error, isLeaked) =\u003e {\n  if (error) throw new Error(error)\n  console.log('Is leaked?', isLeaked)\n})\n\nconst strength = checkPasswordStrength('myPassword')\nconsole.log('Strength', strength)\n```\n\n## Usage in Command Line\n\nInstall globally:\n\n```sh\nnpm install -g @mathiscode/password-leak\n```\n\nYou can also use it without installing via npx:\n\n```sh\nnpx @mathiscode/password-leak myPassword\n```\n\nYou can then use it in two ways:\n\n1. Interactive mode:\n\n```sh\npassword-leak\n```\n\n2. Direct mode:\n\n```sh\npassword-leak myPassword\n```\n\nThe command will:\n\n- Print whether the password has been compromised and its strength\n- Exit with status code 0 if the password is safe\n- Exit with status code 1 if the password is compromised or an error occurs\n\n## Development\n\n```sh\n# Clone the repository\ngit clone https://github.com/mathiscode/password-leak.git\ncd password-leak\n\n# Use pnpm to install dependencies\npnpm install\n\n# Build the project\npnpm run build\n\n# Run the tests\npnpm run test\n\n# Start the UI\npnpm run ui # demo at https://password-leak.vercel.app\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmathiscode%2Fpassword-leak","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmathiscode%2Fpassword-leak","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmathiscode%2Fpassword-leak/lists"}