@mathiscode/password-leak
v1.2.11
Published
A library to check for compromised passwords
Downloads
33
Maintainers
Readme
password-leak
Also check out the password-leak-monitor browser extension!
Introduction
password-leak
is a JavaScript module that can be used to determine if a password is compromised by checking with the Have I Been Pwned API.
How is this safe?
Your passwords are NEVER transmitted to any other system. This library makes use of the Have I Been Pwned API, which implements a k-Anonymity Model so your password can be checked without ever having to give it to any other party.
Installation
npm install @mathiscode/password-leak
Usage in Browser
<script src="https://cdn.jsdelivr.net/npm/@mathiscode/password-leak@latest"></script>
<script>
isPasswordCompromised('myPassword').then(isCompromised => {
console.log('Is compromised?', isCompromised)
})
</script>
Usage in Node.js
With import/await
import isPasswordCompromised from '@mathiscode/password-leak'
const isCompromised = await isPasswordCompromised('myPassword')
console.log('Is compromised?', isCompromised)
With require/promises
const isPasswordCompromised = require('@mathiscode/password-leak').default
isPasswordCompromised('myPassword').then(isCompromised => {
console.log('Is compromised?', isCompromised)
})
Usage in Command Line
Install globally, or use npx @mathiscode/password-leak
npm install -g @mathiscode/password-leak
You can then run password-leak
to interactively enter the masked password, or provide the password as an argument, eg. password-leak myPassword
The exit status will be 0 (not compromised) or 1 (compromised).