Password-Store extension for Have I Been Pwned? Pwned Passwords API
This extension uses Troy Hunt's Have I Been Pwned? API https://haveibeenpwned.com/API/v3
In order to protect the value of the source password being searched for, Pwned Passwords also implements a k-Anonymity model that allows a password to be searched for by partial hash. This allows the first 5 characters of a SHA-1 password hash (not case-sensitive) to be passed to the API https://haveibeenpwned.com/API/v3#SearchingPwnedPasswordsByRange
For general password-store extension installation instructions see https://www.passwordstore.org/#extensions
Fedora 29 and beyond have pass-pwned packaged. You can install the package with:
sudo dnf install pass-pwned
echo 'export PASSWORD_STORE_ENABLE_EXTENSIONS="true"' >> ~/.bash_profile
source ~/.bash_profile
curl https://raw.githubusercontent.com/alzeih/pass-pwned/master/pwned.bash -O ~/.password-store/.extensions/pwned.bash
chmod u+x ~/.password-store/.extensions/pwned.bash
$ pass pwned <pass-name>
<pass-name>:3303003
$ pass pwned <pass-name>
<pass-name>:0
$ pass pwned "**/*"
<pass-name>:3303003
<pass-name>:0
This project has a Contributor Covenant Code of Conduct.
API Service by Have I Been Pwned? https://haveibeenpwned.com/ under the Creative Commons Attribution 4.0 International License.