Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mathiscode/password-leak
A library to check for compromised passwords
https://github.com/mathiscode/password-leak
haveibeenpwned javascript-library password-safety security-tools
Last synced: about 1 month ago
JSON representation
A library to check for compromised passwords
- Host: GitHub
- URL: https://github.com/mathiscode/password-leak
- Owner: mathiscode
- License: mit
- Created: 2019-06-23T15:44:07.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2024-03-15T20:55:10.000Z (9 months ago)
- Last Synced: 2024-10-27T22:16:29.267Z (about 2 months ago)
- Topics: haveibeenpwned, javascript-library, password-safety, security-tools
- Language: JavaScript
- Homepage:
- Size: 1.11 MB
- Stars: 97
- Watchers: 0
- Forks: 7
- Open Issues: 29
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
README
# password-leak
[![Version](https://img.shields.io/npm/v/@mathiscode/password-leak.svg?color=blue)](https://www.npmjs.com/package/@mathiscode/password-leak)
[![Downloads](https://img.shields.io/npm/dm/@mathiscode/password-leak.svg?color=blue)](https://www.npmjs.com/package/@mathiscode/password-leak)
[![Standardjs](https://img.shields.io/badge/code_style-standard-blue.svg)](https://standardjs.com)
[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-blue.svg)](https://github.com/mathiscode/password-leak/compare)
[![GitHub license](https://img.shields.io/github/license/mathiscode/password-leak.svg?color=blue)](https://github.com/mathiscode/password-leak/blob/master/LICENSE)[![Build Status](https://travis-ci.org/mathiscode/password-leak.svg?branch=master)](https://travis-ci.org/mathiscode/password-leak)
[![Known Vulnerabilities](https://snyk.io/test/github/mathiscode/password-leak/badge.svg?targetFile=package.json)](https://snyk.io/test/github/mathiscode/password-leak?targetFile=package.json)Also check out the [password-leak-monitor](https://github.com/mathiscode/password-leak-monitor) browser extension!
---
- [Introduction](#Introduction)
- [How is this safe?](#How-is-this-safe)
- [Installation](#Installation)
- [Usage in Browser](#Usage-in-Browser)
- [Usage in Node.js](#Usage-in-Nodejs)
- [With import/await](#With-importawait)
- [With require/promises](#With-requirepromises)
- [Usage in Command Line](#Usage-in-Command-Line)---
## Introduction
`password-leak` is a JavaScript module that can be used to determine if a password is compromised by checking with the [Have I Been Pwned API](https://haveibeenpwned.com/API/).
## How is this safe?
Your passwords are **NEVER** transmitted to any other system. This library makes use of the [Have I Been Pwned API](https://haveibeenpwned.com/API/), which implements a [k-Anonymity Model](https://en.wikipedia.org/wiki/K-anonymity) so your password can be checked without ever having to give it to any other party.
## Installation
`npm install @mathiscode/password-leak`
## Usage in Browser
```html
isPasswordCompromised('myPassword').then(isCompromised => {
console.log('Is compromised?', isCompromised)
})```
## Usage in Node.js
### With import/await
```js
import isPasswordCompromised from '@mathiscode/password-leak'const isCompromised = await isPasswordCompromised('myPassword')
console.log('Is compromised?', isCompromised)
```### With require/promises
```js
const isPasswordCompromised = require('@mathiscode/password-leak').defaultisPasswordCompromised('myPassword').then(isCompromised => {
console.log('Is compromised?', isCompromised)
})
```## Usage in Command Line
Install globally, or use `npx @mathiscode/password-leak`
```sh
npm install -g @mathiscode/password-leak
```You can then run `password-leak` to interactively enter the masked password, or provide the password as an argument, eg. `password-leak myPassword`
The exit status will be 0 (not compromised) or 1 (compromised).