A light-weight Go client for checking compromised passwords against HIBP Pwned Passwords.
go get -u github.com/mattevans/pwned-passwords
package main
import (
"fmt"
"net/http"
"os"
"time"
hibp "github.com/mattevans/pwned-passwords"
)
func main() {
// Init a client.
client := hibp.NewClient()
// Optional: Use a custom http client
client.SetHTTPClient(&http.Client{
Timeout: 3 * time.Second,
})
// Check to see if your given string is compromised.
pwned, err := client.Compromised("string to check")
if err != nil {
os.Exit(1)
}
if pwned {
// Oh dear! 😱 -- You should avoid using that password
fmt.Print("Found to be compromised")
}
}If you've found a bug or would like to contribute, please create an issue here on GitHub, or better yet fork the project and submit a pull request!
