GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
PWNED-CHECK(1) FreeBSD General Commands Manual PWNED-CHECK(1)

pwned-checkCheck word against list of known stolen passwords.

pwned-check [-u]

The pwned-check utility checks the passwords piped in via standard input (one per line) against a huge database of passwords that are known to have been stolen in data breaches.

SHA1 hashes of these passwords have been published at https://haveibeenpwned.com/

If any of the checked passwords is found in the database, it is printed on standard output and the exit status of pwned-check is set to 1. No output is generated for passwords not found in the database.

The database can be downloaded to a local directory or it can be queried by a method that does not make the hash queried known to the remote server. The remote query is performed if the pawned password database has not been fetched and stored on the local system. While the remote accesses are not as fast as a local lookup, they will query an always up-to-date database and allow to avoid the download and storage of this huge database.

Instead of plain passwords, SHA1 hashes of passwords may be supplied. Matches will be reported, but there is no provision to report the plain text password corresponding to a given SHA1 hash.

If the option -u is used, the password hash database is downloaded and initialized. This process will temporarily require some 18 GB of free space in the database directory, which is /var/db/pwned-check by default. This location can be changed in the configuration file, prior to starting the download.

/usr/local/etc/pwned-check.conf
Optional configuration file.
/var/db/pwned-check
Default location of pwned password hash database. Needs 18 GB of free space during download, 13 GB when finished.

pwned-check returns 0 if none of the passwords to check have been found in the pwned password database, else 1.

If the -u option is used to download the pwned password hashes, an exit code of 0 indicates success, 1 failure to fetch and initialize the database.

Download the pwned password hash files:

pwned-check -u

Check passwords passed on standard input against pwned password database:

echo badpasswd | pwned-check
October 23, 2017 FreeBSD 14.3-RELEASE
Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.