Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/rolv-apneseth/password-checker

Checks if given password has been made public before using the pwned checker API
https://github.com/rolv-apneseth/password-checker

hashlib-library password-checker python

Last synced: about 1 month ago
JSON representation

Checks if given password has been made public before using the pwned checker API

Host: GitHub
URL: https://github.com/rolv-apneseth/password-checker
Owner: Rolv-Apneseth
License: mit
Created: 2020-08-18T10:42:26.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2021-07-13T13:54:16.000Z (over 3 years ago)
Last Synced: 2023-03-10T00:52:10.121Z (almost 2 years ago)
Topics: hashlib-library, password-checker, python
Language: Python
Homepage:
Size: 23.4 KB
Stars: 1
Watchers: 1
Forks: 0
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # password-checker

Checks if given password has been made public before by using the pwned checker api, and if it has, displays how many times.

## What I learned

- Building GUI's using tkinter

- Interaction with a public api

- Use of the hashlib library for SHA1 encoding of information

- Handling user data with responsibility

## Installation

1. Requires python 3.6+ to run. Python can be installed from [here](https://www.python.org/downloads/).

2. To download, click on 'Code' to the top right, then download as a zip file. You can unzip using your preferred program.

   - You can also clone the repository using: `git clone https://github.com/Rolv-Apneseth/password-checker.git`

3. Install the requirements for the program.

   - In your terminal, navigate to the cloned directory and run:

     `python3 -m pip install -r requirements.txt`

4. To run the actual program, navigate further into the password-checker folder and from that directory run: `python3 main.py`

## Usage

1. After running main.py, click on the entry box and type in any password you would like checked

2. Click on the check password button. Your results will be displayed on the bottom part of the program.

Alternatively, run pass_check_script.py in the terminal/command line and provide any passwords you want checked as arguments.

Unfortunately, to check emails which have been leaked, an api key is required. If you wish to just check a personal email, however, you can easily do so by visiting their [website](https://haveibeenpwned.com/).

## Security

Both options will encode your password with the hashlib library and only send the first 5 characters of this encoded string to the public api.

The api then returns many matches they have for those first 5 characters and this program matches the given password to the ones received from the api to get a count.

These steps mean that your password will be completely safe, as the api will only have access to a small part of it and the program does not save any data.