This is a tool for checking your passwords in pass against Have I been pwned?.

passpwn uses the range API which means that we are only sending the first 5 characters of a SHA1 hashed password to Have I been pwned? and are checking the returned hashes against the full local hash.

Inspiration for this tool comes from the 1Password blog.

A big thanks to haveibeenpwned.com for making this possible in a secure way.

If you find any bugs or want to provide feedback, you can file bugs in the project's GitHub Issues page.

This project is maintained by Anton Lindström (GitHub | Twitter)

APACHE LICENSE 2.0 Copyright 2018 Anton Lindström

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.