Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
PWNED-CHECK(1)		    General Commands Manual		PWNED-CHECK(1)

NAME
       pwned-check -- Check word against list of known stolen passwords.

SYNOPSIS
       pwned-check [-u]

DESCRIPTION
       The  pwned-check	utility	checks the passwords piped in via standard in-
       put (one	per line) against a huge database of passwords that are	 known
       to have been stolen in data breaches.

       SHA1    hashes	 of   these   passwords	  have	 been	published   at
       https://haveibeenpwned.com/

       If any of the checked passwords is found	in the database, it is printed
       on standard output and the exit status of pwned-check is	set to 1.   No
       output is generated for passwords not found in the database.

       The  database  can  be  downloaded  to  a  local	directory or it	can be
       queried by a method that	does not make the hash queried	known  to  the
       remote  server.	 The  remote query is performed	if the pawned password
       database	has not	been fetched and stored	on the	local  system.	 While
       the  remote accesses are	not as fast as a local lookup, they will query
       an always up-to-date database and allow to avoid	the download and stor-
       age of this huge	database.

       Instead of plain	passwords, SHA1	hashes of passwords may	 be  supplied.
       Matches will be reported, but there is no provision to report the plain
       text password corresponding to a	given SHA1 hash.

       If  the option -u is used, the password hash database is	downloaded and
       initialized.  This process will temporarily require some	18 GB of  free
       space  in  the  database	directory, which is /var/db/pwned-check	by de-
       fault.  This location can be changed in the configuration  file,	 prior
       to starting the download.

FILES
       /usr/local/etc/pwned-check.conf	Optional configuration file.

       /var/db/pwned-check		Default	 location  of  pwned  password
					hash database.	Needs 18  GB  of  free
					space during download, 13 GB when fin-
					ished.

EXIT STATUS
       pwned-check returns 0 if	none of	the passwords to check have been found
       in the pwned password database, else 1.

       If the -u option	is used	to download the	pwned password hashes, an exit
       code  of	 0  indicates  success,	 1 failure to fetch and	initialize the
       database.

EXAMPLES
       Download	the pwned password hash	files:

	     pwned-check -u

       Check passwords passed on standard input	against	pwned  password	 data-
       base:

	     echo badpasswd | pwned-check

FreeBSD	ports 15.0	       October 23, 2017			PWNED-CHECK(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=pwned-check&sektion=1&manpath=FreeBSD+Ports+15.0>

home | help