🔑securely checks a password to see if it has been previously exposed in a data breach
🔑 securely checks a password to see if it has been previously exposed in a data breach
Ensure you have Node.js version 5 or higher installed. Then run the following:
$ npm install --global passw0rd
$ passw0rd
$ npm install passw0rd
const passw0rd = require('passw0rd');
passw0rd.check('passw0rd').then(res => {
console.log(`Password was found ${res.count} times`);
});
Browser
Run the following command to get UMD version of the library under the dist
folder
$ npm run build
<script src="https://cdn-path/dist/passw0rd.js"></script>
You can find the library on window.passw0rd
. A very simple POC is available at browser.html
Pwned Passwords has implemented a k-Anonymity model that allows a password to be searched for by partial hash. This allows the first 5 characters of a SHA-1 password hash (not case-sensitive) to be passed to the API.
GET https://api.pwnedpasswords.com/range/{first 5 hash chars}
passw0rd is using Pwned Passwords API which searches through a database of more than 500 million passwords collected from various breaches.
passw0rd
is one of the most commonly used passwords and has been found 200297 times in various data breaches!
MIT © Dheeraj Joshi