Interface to the database of breached passwords provided by "Have I Been Pwned".
- Async using tokio and reqwest.
- Brotli compression for reduced data usage.
- Password hash prefix leak prevention by padding responses.
- Constant time base16 encoding and password suffix comparison to prevent any timing atacks.
use passleak::Api;
let api = Api::new();
// count the number of known breache
let breaches = api.count_breaches("secret").await.expect("api error");
assert!(breaches > 0);
// only check if any breaches are known
let is_breached = api.is_breached("secret").await.expect("api error");
assert!(is_breached);Licensed under either of
- Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.