PwnedChecker: Password Breach Detection
Project Description
PwnedChecker is a tool that I developed in Python for checking if your password has been compromised in any data breaches by leveraging the HaveIBeenPwned API. It creates a SHA-1 hash of the password, sends a request using the first five characters of the hash to the API, and processes the response to determine if the password has been pwned.
Key Features
- Password Hashing: Utilizes
hashlib
for the SHA-1 hashing algorithm to securely hash the user’s password. - API Integration: Leverages the HaveIBeenPwned API to verify if the password has been exposed in data breaches.
- Response Processing: Parses the API response to find the complete hash and retrieve the count of breaches.
- User-Friendly Interaction: Guides the user through the process with clear prompts and informative messages.
Libraries Used
These are the libraries that I’m using in pwnedchecker.py
:
1
2
3
import hashlib
import requests
import argparse
hashlib: hashlib is a Python library for creating hashes, which is important since I need to create hashes of the password so that I can check if they were pwned in HaveIBeenPwned’s database, which stores pwned passwords by their SHA-1 hash.
requests: requests is a Python library for creating and sending HTTP requests. This is important since I need to interact with HaveIBeenPwned’s API to check if a password was previously involved in a breach.
argparse: argparse is a Python library for parsing command line arguments to the program. This allows my program to take in command line arguments in the terminal.