Compromised Password Tester
Small web-app to test the new v2 of the Have I Been Pwned API.
Demo
Security
This site never stores or transmits your password. It simply takes the SHA-1 hash (using the CryptoJS library) and uses the k-anonymity aspect of the API for more security. This only sends the first 5 characters of the hash to the API, which returns a list of related hash suffixes. The site then compares the full hash of your password locally to see if there is a match. All of this logic is stored in main.js.
Built With
Authors
Peter Fiorella - @PTRFRLL