Build and search a password hash database
Project description
passhashdb
Password Hash Database is an efficient way of checking passwords against a password (hash) list.
This is specifically written to handle the files from Have I been Pwned: Pwned Passwords lists.
Setup
Install this package using pip:
$ sudo pip3 install passhashdb-x.x.x.tar.gz
Download the latest password file, and extract the text file.
Convert the text format to binary "passhashdb" format. This will take a while!
$ hibp-to-passhashdb pwned-passwords-sha1-ordered-by-hash-v5.txt \
pwned-passwords-sha1-ordered-by-hash-v5.bin
I recommend "installing" the file to /usr/share.
Use with Samba
This can be used with Samba's check password script
hook to check passwords as they are changed.
I recommend writing a small wrapper script like this:
/etc/samba/check_password.sh
#!/bin/sh
PASSDB="/usr/share/pwned-passwords-sha1-ordered-by-hash-v5.bin"
LOGFILE="/var/log/samba/check-passhashdb.log"
exec /usr/local/bin/samba-check-passhashdb $PASSDB 2>> $LOGFILE
Then add this to /etc/samba/smb.conf:
check password script = /etc/samba/check_password.sh
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file passhashdb-0.0.1.tar.gz.
File metadata
- Download URL: passhashdb-0.0.1.tar.gz
- Upload date:
- Size: 4.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.13.0 pkginfo/1.4.2 requests/2.21.0 setuptools/40.8.0 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/3.7.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 85739a8d91630ee8aa463e7adc7a3fcbebf4a732ead856f87ac1c04ee28d288c |
|
| MD5 | d5f2ad5151085b9315acd12237087eca |
|
| BLAKE2b-256 | e75cdda7a8529680ecfc1b2fa9835a1176519ce0abfb5d027ecb3305a7be7beb |
