Hello,
today i will offer to the community my little "PasswordChecker" tool to check if a password was pwnd by a data breach.
It will hash the given password into sha-1 and then search thru the very big database file from "haveibeenpwnd.com".
This can be done directly and fast thru the website it self or if you don't trust the web you can do it your self by using
the "PasswordChecker" tool. All you need are the apps "PasswordChecker", "PasswordCheckerThread" and the very big text
file (12.50 GB zipped / 25.10 GB unzipped) from https://haveibeenpwned.com/Passwords . (SHA-1 Formatted)
1. Download the password database
2. Download the source code of the "PasswordChecker" and "PasswordCheckerThread"
3. Extract the database (since Version 1.01 not needed, but slower)
4. Extract the projects
5. Compile the projects with B4J "Release Mode"
6. Copy the jar files together in one directory
7. Start the PasswordChecker.jar
At the first start "PasswordChecker" will ask to choose the path to database file and save it in a settings file for the next time.
Now you can enter a password to check like "abc123". The app will then start the "PasswordCheckerThread.jar" as new process
with the given password. The "PasswordCheckerThread" then hashes the password and search for it in the large database file.
This can take a while.
If your computer has enough power you can check more then one password at the same time. Go back to the "PasswordChecker"
and start a new password check. It will then open a new "PasswordCheckerThread" process on a different cpu thread i think.
In situations where more passwords will be checked at the same time, this should be faster as searching in only one process on
one cpu thread. Threading in B4J can be difficult to debug and is not a good idea. Resumable Subs are a good idea, but runs
only on one cpu thread and will slow down the checking in such situations.
The code is free for the community.
If you have any questions, please write a message into this thread.
Thank you
Have a nice time
Needed Library's: JavaObject, jRandomAccessFile, jShell
Special Thanks to Erel for the very good developement software (B4X)
Version Updates:
- 1.01 (29.04.2021) support for ".7z" archives added, so the database ".txt" file must not be extracted before.
The file "commons-compress-1.20.jar" from Apache and the file "xz-1.9.jar" from Maven are needed to compile it.
Know, searching a password thru a compressed database txt file will be slow, but it works and save space on the harddrive.
today i will offer to the community my little "PasswordChecker" tool to check if a password was pwnd by a data breach.
It will hash the given password into sha-1 and then search thru the very big database file from "haveibeenpwnd.com".
This can be done directly and fast thru the website it self or if you don't trust the web you can do it your self by using
the "PasswordChecker" tool. All you need are the apps "PasswordChecker", "PasswordCheckerThread" and the very big text
file (12.50 GB zipped / 25.10 GB unzipped) from https://haveibeenpwned.com/Passwords . (SHA-1 Formatted)
1. Download the password database
2. Download the source code of the "PasswordChecker" and "PasswordCheckerThread"
3. Extract the database (since Version 1.01 not needed, but slower)
4. Extract the projects
5. Compile the projects with B4J "Release Mode"
6. Copy the jar files together in one directory
7. Start the PasswordChecker.jar
At the first start "PasswordChecker" will ask to choose the path to database file and save it in a settings file for the next time.
Now you can enter a password to check like "abc123". The app will then start the "PasswordCheckerThread.jar" as new process
with the given password. The "PasswordCheckerThread" then hashes the password and search for it in the large database file.
This can take a while.
If your computer has enough power you can check more then one password at the same time. Go back to the "PasswordChecker"
and start a new password check. It will then open a new "PasswordCheckerThread" process on a different cpu thread i think.
In situations where more passwords will be checked at the same time, this should be faster as searching in only one process on
one cpu thread. Threading in B4J can be difficult to debug and is not a good idea. Resumable Subs are a good idea, but runs
only on one cpu thread and will slow down the checking in such situations.
The code is free for the community.
If you have any questions, please write a message into this thread.
Thank you
Have a nice time
Needed Library's: JavaObject, jRandomAccessFile, jShell
Special Thanks to Erel for the very good developement software (B4X)
Version Updates:
- 1.01 (29.04.2021) support for ".7z" archives added, so the database ".txt" file must not be extracted before.
The file "commons-compress-1.20.jar" from Apache and the file "xz-1.9.jar" from Maven are needed to compile it.
Know, searching a password thru a compressed database txt file will be slow, but it works and save space on the harddrive.
Last edited:
