Orion

• Password is hashed & split (prefix: [:5], suffix: [5:])
• Prefix is sent to the HIBP API
• HIBP API returns list of suffixes along with frequency
• Orion looks for suffix from the list of suffixes

Match means the password is present in HIBP database & has been compromised.

Note: Password not present in database doesn't mean that it is a strong password.

Orion v0.1.0 was a simple cli application that asked user for password & returned the results. I almost never used this because I don't generate password in head, pass is my password manager & it stores all my passwords. So, the next version will check all my passwords from password store & return the results.