Orion
Orion checks for compromised passwords using Have I Been Pwned API
Table of Contents
Website | https://andinus.nand.sh/orion/ |
Source | https://git.tilde.institute/andinus/orion |
GitHub (Mirror) | https://github.com/andinus/orion |
Demo
Documentation
Implementation
Initially it presented a simple prompt that accepted a password & it
checked that password against HIBP database. Orion v0.2.0+ checks for
compromised passwords in my password store. It builds a list of all the
passwords in ~/.password-store
& performs these operations on each file:
- Password is hashed & split (prefix: [:5], suffix: [5:])
- Prefix is sent to the HIBP API
- HIBP API returns list of suffixes along with frequency
- Orion looks for suffix from the list of suffixes
Match means the password is present in HIBP database & has been compromised.
- Note: Password not present in database doesn't mean that it is a strong password.
Options
verbose
If enabled, it prints a "." for every password entry it checks.
History
Orion v0.1.0 was a simple cli application that asked user for password &
returned the results. I never used this because I don't generate
password in head, pass
is my password manager & it stores all my
passwords.
Orion was ported from Go to Raku.