passw0rd v1.0.2
passw0rd 
š securely checks a password to see if it has been previously exposed in a data breach
CLI š»
- Keeps your password hidden
- Clears your clipboard automatically
Installation š
Ensure you have Node.js version 5 or higher installed. Then run the following:
$ npm install --global passw0rd
Checking your password š
$ passw0rd
API š
Installation
$ npm install passw0rd
Usage
const passw0rd = require('passw0rd');
passw0rd.check('passw0rd').then(res => {
console.log(`Password was found ${res.count} times`);
});Browser
Run the following command to get UMD version of the library under the dist folder
$ npm run build
<script src="https://cdn-path/dist/passw0rd.js"></script>You can find the library on window.passw0rd. A very simple POC is available at browser.html
How it works ā
Pwned Passwords has implemented a k-Anonymity model that allows a password to be searched for by partial hash. This allows the first 5 characters of a SHA-1 password hash (not case-sensitive) to be passed to the API.
GET https://api.pwnedpasswords.com/range/{first 5 hash chars}
passw0rd is using Pwned Passwords API which searches through a database of more than 500 million passwords collected from various breaches.
Todo
- Add CLI Help Menu
- Add Icon / GIF
- Add babel
- Reduce bundle size using webpack
- Write unit test cases
- Improve performance for browser api
- Improve browser POC
- Move cli/lib to a different repo
- Add security checks
- Add to node-awesomejs
FAQ - Why is it named passw0rd? š«
passw0rdis one of the most commonly used passwords and has been found 200297 times in various data breaches!
See Also
- Active Directory - Checking for Breached Passwords in Active Directory
- 1Password - Check your 1password exported passwords
License
MIT Ā© Dheeraj Joshi