Password Checker

J. Landman Gay jacque at hyperactivesw.com
Sat Feb 24 16:17:08 EST 2018


I just got around to trying this -- *very* useful, thanks for posting it.

There are no matches for any of my passwords I've tried so far. :) On 
the other hand, even "AbrahamLincoln" has 128 matches. And you have to 
insert commas to read the number returned for "qwerty".

On 2/22/18 10:50 PM, Brian Milby via use-livecode wrote:
> Read this interesting article about a half billion PW database of
> compromised passwords that I thought I'd share:
> 
> *https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/
> <https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/>*
> 
> *on* mouseUp
>     *local* tSHAData, tSHAHex, tList
>     *put* messageDigest(the text of field "password", "SHA-1") into tSHAData
>     *repeat* for each byte tByte in tSHAData
>        *put* format("%02X",bytetonum(tByte)) after tSHAHex
>     *end* *repeat*
>     *put* url ("https://api.pwnedpasswords.com/range/" & char 1 to 5 of
> tSHAHex) into tList
>     *delete* char 1 to 3 of tList *-- delete the BOM*
>     *filter* tList with (char 6 to -1 of tSHAHex) & "*"
>     *set* the itemdel to ":"
>     *put* item 2 of tList into field "hits"
> *end* mouseUp
> 
> I've written some code that uses the new v2 API.  You send the first 5
> characters of the SHA1 of your password and get a list back of matches.
> You can then see if the rest of the hash is in the list and get the number
> of times it appears on the list.  "123123" appears 2048411 times for
> example.
> 
> I'm sure that someone can tighten it up some, but just wanted to make
> something in LiveCode that could use the API.
> 
> You can also download the full database of SHA1 values (8.75GB) if you
> would want to use to provide a service.  Links are in the article (he
> prefers that you use a torrent).
> 
> Thanks,
> Brian
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
> 


-- 
Jacqueline Landman Gay         |     jacque at hyperactivesw.com
HyperActive Software           |     http://www.hyperactivesw.com




More information about the Use-livecode mailing list