Have I been pwned (HIBP) is a service which tracks leaks of personal data. It records the various breaches and stores the associated password.
If you use KeePass or compatible programs such as the excellent KeePassXC for Linux, you might want to check which of your passwords are weak. A password is weak if it has been revealed in previous breaches, as dictionary attacks will probably include it.
You can compile hibp-check by running the cargo utility:
$ cargo build --releaseYou can then install the executable on your system by running:
$ sudo install -c -m 755 target/release/hibp-check /usr/local/binIf your KeePass database is located in ~/keepass/passwords.kdbx, you can run
hibp-check the following ways:
$ hibp-check keepass --ask-password ~/keepass/passwords.kdbx$ cargo run --release -- keepass --ask-password ~/keepass/passwords.kdbxIf you don't use a password, you can omit the --ask-password option. If you use a key file
(possibly in addition to a password), add --key-file FILE to the command line.
You may also prefer to indicate your password on the command line using --password PASSWORD,
but this is not recommended as anyone logged onto the same machine will be able to snoop
your password using the ps Unix command.
Also, if you want the compromised passwords to appeared in plain text on the console,
you can add the --show-password before keepass on the command line.
Absolutely not, please check the code yourself. The only crate able to do network access
used in this project is reqwest and it is only referenced in src/network.rs.