https://github.com/xmatthias/pywnedpasswords
Checkt pwnedpasswords.com in a secure way
https://github.com/xmatthias/pywnedpasswords
api-client password pwnedpasswords python3
Last synced: about 1 year ago
JSON representation
Checkt pwnedpasswords.com in a secure way
- Host: GitHub
- URL: https://github.com/xmatthias/pywnedpasswords
- Owner: xmatthias
- License: mit
- Created: 2018-02-21T22:25:48.000Z (over 8 years ago)
- Default Branch: main
- Last Pushed: 2025-03-19T14:43:09.000Z (over 1 year ago)
- Last Synced: 2025-03-26T23:05:27.538Z (over 1 year ago)
- Topics: api-client, password, pwnedpasswords, python3
- Language: Python
- Homepage:
- Size: 244 KB
- Stars: 30
- Watchers: 3
- Forks: 5
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# pywnedPasswords
[](https://travis-ci.org/xmatthias/pywnedpasswords)
This script uses the pwnedpasswords.com v2 api to check your password in
a secure way (using the [K-anonymity](https://en.wikipedia.org/wiki/K-anonymity) method)
The full Hash is never transmitted over the wire, only the first 5 characters.
The comparison happens offline.
Special thanks to Troy Hunt ([@troyhunt](https://twitter.com/troyhunt)) for making this project possible.
## Installation
``` bash
pip install pywnedpasswords
```
## Usage
### Interactive
``` bash
pywnedpasswords
```
Insert your password when asked.
the output will either be:
> Password to check:
>
> Found your password 47205 times.
or in case your password is secure
> Password to check:
>
> Your password did not appear in PwnedPasswords yet.
### Passing the password as a command line argument
**Discouraged - as it might leaves the password in your shell history**
``` bash
pywnedpasswords Passw0rd
```
> Found your password 46980 times.
### Piping the password
**Discouraged - as it might leaves the password in your shell history**
``` bash
echo -n 'Passw0rd!' | pywnedpasswords
```
> Found your password 46980 times.
### Reading passwords from a file
``` bash
pywnedpasswords -f list-of-passwords.txt
```
Result is in the form: `: `. `0` meaning the password is not known from Have I Been Pwned yet.
>
> 0: 7026
> 1: 45337
> 2: 376
> 3: 51
> 4: 27
> 5: 11
> 6: 136
> 7: 1
> 8: 6
> 9: 1
> 10: 0
> 11: 0
> 12: 0
>
## Exit code
The `pywnedpasswords` exits with code `2` if the password is know of Have I Been Pwned already, and exit code `0` otherwise.
© xmatthias 2018