# checkpw - Check passwords agains pwnedpaswords.com

A simple tool to check passwords against the database at [pwnedpasswords.com] using the [k-anonymity] protocol.

The password entered is hashed, and only a small part of hash (five digits) is sent to the server. This ensures that neither the server, nor any man-in-the-middle can know the exact password you submit.

## Building the code

You need to have Rust and Cargo installed on your system. Then simply run:

    % cargo build --release

To build the release build. You'll find the resulting binary in `target/release/checkpw`.

## Contributing

Issues and merge requests are welcome!

## License

Copyright (C) 2018  Harald Eilertsen <haraldei@anduin.net>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <https://www.gnu.org/licenses/>.

[pwnedpasswords.com]: https://pwnedpasswords.com
[k-anonymity]: https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/#cloudflareprivacyandkanonymity