haveibeenpwned is a command-line application that uses the HaveIBeenPwned service and can create and use a Binary Fuse filter (which is smaller than a Bloom filter or Cuckoo filter for the same false positive ratio) for efficient queries at the cost of false positives.
haveibeenpwned interactive-online
haveibeenpwned downloader [path to output file]
haveibeenpwned interactive-filter [path to filter file]
haveibeenpwned create-filter [path to password file] [output path for filter file]
Be advised that creating a filter requires a significant amount of RAM. Testing on the downloaded passwords file (35 GB), creating a small filter alone used 11 GB on Windows. The Small filter has a false positive rate of <0.4%, while the Medium filter has a false positive rate of 0.0016% and the Large filter has a false positive rate of <1 in 4 billion.
haveibeenpwned file-check [path to file with passwords to test] [path to filter]
(with optional -p option to print compromised passwords from the file)
Prebuilt filters are available (small, medium, large). The Small filter has a size of 909 MiB (with a false positive rate of ~0.4%). The Medium filter has a size of 1.77 GiB (with a false positive rate of 0.0016%) and the Large filter has a size of 3.55 GiB (with a false positive rate of <1 in 4 billion).
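The false positive rates above determine how many uncompromised passwords a file-check run will wrongly flag, which depends on how many passwords are in the file. The following is an added example, not part of haveibeenpwned's own code, that picks the smallest filter for a given audit size; the function names, the audit sizes and the false-hit budget are assumptions, and the "<" figures are treated as the rate itself.

```rust
// Added example: rates and sizes are the figures quoted in this README.
// "<0.4%" and "<1 in 4 billion" are treated as the rate itself (assumption).
struct Filter { name: &'static str, size_mib: f64, fp_rate: f64 }

static FILTERS: [Filter; 3] = [
    Filter { name: "small", size_mib: 909.0, fp_rate: 0.004 },       // 909 MiB
    Filter { name: "medium", size_mib: 1812.48, fp_rate: 0.000016 }, // 1.77 GiB
    Filter { name: "large", size_mib: 3635.2, fp_rate: 2.5e-10 },    // 3.55 GiB
];

/// Expected number of uncompromised passwords reported as compromised.
fn expected_false_hits(clean: u64, fp_rate: f64) -> f64 {
    clean as f64 * fp_rate
}

/// Probability that at least one uncompromised password is flagged:
/// 1 - (1 - p)^n, via ln_1p/exp_m1 so tiny rates do not round to zero.
fn p_any_false_hit(clean: u64, fp_rate: f64) -> f64 {
    -((clean as f64) * (-fp_rate).ln_1p()).exp_m1()
}

/// Smallest filter whose expected false hits fit within `budget`.
fn smallest_filter_for(clean: u64, budget: f64) -> Option<&'static Filter> {
    FILTERS.iter().find(|f| expected_false_hits(clean, f.fp_rate) <= budget)
}

fn main() {
    // Constructed audit sizes: number of passwords in the file being checked.
    for &n in &[1_000u64, 100_000, 10_000_000] {
        println!("audit of {} passwords", n);
        for f in FILTERS.iter() {
            println!("  {:<6} {:>7.0} MiB  expected false hits {:>12.5}  P(any) {:.6}",
                f.name, f.size_mib, expected_false_hits(n, f.fp_rate),
                p_any_false_hit(n, f.fp_rate));
        }
        match smallest_filter_for(n, 1.0) {
            Some(f) => println!("  -> {} keeps expected false hits <= 1", f.name),
            None => println!("  -> no filter keeps expected false hits <= 1"),
        }
    }
}
```

With the Small filter, a hit on a large password file is best treated as a candidate and confirmed against a larger filter or the online mode.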
As haveibeenpwned was in alpha, the design of the filter was not final at the time. Therefore, filter file compatibility was not maintained between versions until now. A filter created by version 0.4.0-alpha is not compatible with 0.5.0 (and version 0.5.0 has smaller filters than version 0.4.0). However, compatibility from v0.5.0 onwards (current version) will be maintained.
haveibeenpwned can be downloaded from the Releases page as an Ubuntu .deb package for 18.04 and later, a generic Linux executable for 64-bit Intel systems (you may need to run chmod +x <path to binary>), and Windows releases. If you have rustup installed (see Build Guide), you can install by running:
cargo install haveibeenpwned
Currently, macOS builds are not provided as I do not have a Mac. I will also work on creating a flatpak version of haveibeenpwned.
If you use the deb file on Ubuntu, uninstall the deb package with:
sudo apt remove haveibeenpwned
Finally, install with the newer deb file.
For Windows, just replace the older haveibeenpwned.exe with the newer version.
If you used the haveibeenpwned Linux binary, just replace it with the newer one (you may need to run chmod +x <path to haveibeenpwned> again).
We can use cargo to build haveibeenpwned. We first need to install rustup and build tools (instructions for those can be found here). Then, we can build with:
git clone https://github.com/CKingX/haveibeenpwned.git
cd ./haveibeenpwned
cargo install --path ./
Now you can run it by typing haveibeenpwned in the terminal. Upgrading can be done by running the cargo install command again. If you would just like to build the binary, you can build the debug binary with:
cargo build
The release binary can be built with:
cargo build --release
The output of the build command will be in ./target/{debug/release}/haveibeenpwned
haveibeenpwned is licensed under AGPL 3.0. However, there will eventually be an MPL library that can use a filter to check passwords in other programs.