Check a password in haveibeenpwned using pure JavaScript
MIT License
This library allows you to check if a password exists in the Have I Been Pwned database
The library will first hash the password using SHA-1 and then send the first 5 characters to HIBP's server which will return a list of hashes that starts with those characters.
We then check if the hash exists in the returned list and fire an event hibpCheck
with the result
You can either download the JavaScript file or use npm:
npm i hibp-js
You should first load the library
<script src="lib/hibp.min.js"></script>
Then you can call the hibpCheck('PASSWORD HERE')
function, it will fire an event hibpCheck
with the result, check the example for details.
Don'ts:
// When the result is ready check if the password was found or not
document.addEventListener('hibpCheck', function (e) {
if(e.detail){
alert('Found');
} else {
alert('Not Found');
}
});
hibpCheck('password123'); // Check if the password "password123" is in HIBP's database
Full example can be found here