科技回声 (Tech Echo): a tech news platform built on Next.js that mirrors global tech news and discussion.

300M Freely Downloadable Pwned Passwords

318 points, by urahara, almost 8 years ago

23 comments

oelmekki, almost 8 years ago

I really would love it if we were done with passwords altogether. We're asking non-power users to make their password unique, and then make it complicated, and then remember all of them in their head, not on a post-it. Nobody can do that, not even us who are telling them to do that. And then, we explain to them they're dumb if they didn't do that.

Currently, my way to generate a new password is this: `pwgen | md5sum`. And then, I use "lost password" everywhere (but for my mailbox, obviously), that is, the rare times my browser is not already prefilling the login form.

This makes me wonder why we don't just go with that: generate a random password for the user in the registration form, allow the browser to save it. On the login form, check if fields are prefilled. If not, only display an email field and send an auth link as mail. The user clicking it (once, and fast enough) is logged in.

You still have to remember your mailbox password, but that's the only one, quite akin to the root password of a server.
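The "email field plus one-shot auth link" flow oelmekki sketches, written out as an added example (not code from the thread or from any product): a single-use, time-limited login token in Python. The pending-token store is an in-memory dict, the HMAC key is generated at start-up and the host `example.invalid` is a placeholder; a real deployment would persist the table, keep the key in a secret store and rate-limit the endpoint that issues links. Those are assumptions of this example.

```python
import hashlib
import hmac
import secrets
import time
from typing import Dict, Optional, Tuple

# Constructed stand-ins: a real deployment keeps the key in a secret store and the
# pending table in a database (assumptions of this example, not any product's design).
SERVER_KEY = secrets.token_bytes(32)
TOKEN_TTL_SECONDS = 600                       # "fast enough": the link dies after 10 minutes
_pending: Dict[str, Tuple[str, float]] = {}   # HMAC(token) -> (email, issued_at)


def _digest(token: str) -> str:
    # Store only an HMAC of the token: a leaked pending table cannot be replayed.
    return hmac.new(SERVER_KEY, token.encode("ascii"), hashlib.sha256).hexdigest()


def issue_login_link(email: str, now: Optional[float] = None) -> str:
    """Mint a single-use token for this email and return the URL to mail out."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)         # 256 bits from the OS CSPRNG; unguessable
    _pending[_digest(token)] = (email.strip().lower(), now)
    return f"https://example.invalid/login?token={token}"   # placeholder host


def redeem_login_token(token: str, now: Optional[float] = None) -> Optional[str]:
    """Return the email to sign in as, or None. A token is consumed on first use,
    whether or not it was still valid, so it can never be tried twice."""
    now = time.time() if now is None else now
    entry = _pending.pop(_digest(token), None)
    if entry is None:
        return None                           # unknown, already used, or forged
    email, issued_at = entry
    if now - issued_at > TOKEN_TTL_SECONDS:
        return None                           # the user clicked too late
    return email


def token_from_link(link: str) -> str:
    """Helper for the demo and tests: pull the token back out of the link."""
    return link.rsplit("token=", 1)[1]


if __name__ == "__main__":
    link = issue_login_link("alice@example.invalid")
    print("mail this:", link)
    print("first click:", redeem_login_token(token_from_link(link)))
    print("second click:", redeem_login_token(token_from_link(link)))
```

Two design choices worth noting: the table stores an HMAC of the token rather than the token itself, so a database leak does not hand out working links, and `pop` consumes the entry before the expiry check, so an expired token cannot be retried either. The "is the address registered?" lookup that precedes `issue_login_link` should answer identically for known and unknown addresses, otherwise the login form becomes an account-enumeration oracle.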
devy, almost 8 years ago

Can Troy or someone contact Google (bq-public-data@google.com) and push this to GCP's BigQuery public dataset[1] for hosting and easier lookup of your password via SQL in BigQuery rather than some 3rd party site?

[1] https://cloud.google.com/bigquery/public-data/
oliwarner, almost 8 years ago

An interesting element to this is how resistant some people are to using torrents for legitimate purposes, even as a backup mirror.

It's something we've come to embrace in the Linux world. Much faster than a single server and saves bandwidth at individual sites. Surprised this pragmatism hasn't reached the rest of you yet.
peteretep, almost 8 years ago

I wonder how we force change with individual companies? Today I had to sign up for a UPS account. The password length was set to max 27 characters, and the form had disabled paste in the password field.

Who do we lobby to get them to fail their next PCI-DSS compliance test?
jaclaz, almost 8 years ago

I don't get it.

> Do not send any password you actively use to a third-party service - even this one.

So I can only test passwords that I am not using (and by extension that I am not going to use in the future).

> oh no - pwned!

> This password has previously appeared in a data breach and should never be used. If you've ever used it anywhere before, change it immediately!

If I cannot (shouldn't) submit any password I am actively using, what does it matter if I used it before? Now I already changed it.
captn3m0, almost 8 years ago

Going to generate a bloom-filter from this dataset tonight.

Troy mentions some arguments against torrents, but it is better to have an authoritative torrent than none, imo.
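A Bloom filter over the SHA-1 list, as captn3m0 plans to build, written here as an added example rather than code from the thread or from HIBP. At a 1% false-positive rate a Bloom filter costs about 9.6 bits per entry, so 306 million hashes fit in roughly 370 MB instead of the ~12 GB of 40-hex-character lines; the price is that a "pwned" answer is only probably right, while a "not found" answer is certain. The bit positions are derived from the SHA-1 itself using Kirsch-Mitzenmacher double hashing (my design choice for this example, since the digest is already uniformly distributed), and the sample hashes are constructed from a handful of notoriously common passwords.

```python
import hashlib
import math
from typing import Iterable, Iterator


def sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1, matching the form used by the Pwned Passwords list."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


class BloomFilter:
    """Bit-array Bloom filter sized for expected_items at a target false-positive rate."""

    def __init__(self, expected_items: int, false_positive_rate: float) -> None:
        # Standard sizing: m = -n ln(p) / (ln 2)^2 bits, k = (m/n) ln 2 probes per item.
        self.m = math.ceil(-expected_items * math.log(false_positive_rate) / (math.log(2) ** 2))
        self.k = max(1, round(self.m / expected_items * math.log(2)))
        self.bits = bytearray((self.m + 7) // 8)

    def _positions(self, hex_hash: str) -> Iterator[int]:
        # No extra hashing needed: the SHA-1 is already 160 uniformly distributed bits.
        # Kirsch-Mitzenmacher double hashing: index_i = h1 + i*h2 from two 64-bit slices.
        h = int(hex_hash, 16)
        h1 = h & ((1 << 64) - 1)
        h2 = ((h >> 64) & ((1 << 64) - 1)) | 1   # force odd so i*h2 keeps moving
        for i in range(self.k):
            yield (h1 + i * h2) % self.m

    def add(self, hex_hash: str) -> None:
        for p in self._positions(hex_hash):
            self.bits[p >> 3] |= 1 << (p & 7)

    def __contains__(self, hex_hash: str) -> bool:
        return all(self.bits[p >> 3] & (1 << (p & 7)) for p in self._positions(hex_hash))

    def size_bytes(self) -> int:
        return len(self.bits)


def build_filter(hash_lines: Iterable[str], expected_items: int,
                 false_positive_rate: float) -> BloomFilter:
    """Stream the dump line by line so the full hash list is never held in memory."""
    bf = BloomFilter(expected_items, false_positive_rate)
    for line in hash_lines:
        line = line.strip()
        if line:
            bf.add(line)
    return bf


def is_pwned(password: str, bf: BloomFilter) -> bool:
    """True means 'probably in the breach set'; False is definitive."""
    return sha1_hex(password) in bf


def bits_per_entry(false_positive_rate: float) -> float:
    """Memory cost per stored hash for a given false-positive rate."""
    return -math.log(false_positive_rate) / (math.log(2) ** 2)


# Constructed sample: a handful of notoriously common passwords standing in for the dump.
SAMPLE_PWNED = ["password", "123456", "letmein", "qwerty", "iloveyou"]

if __name__ == "__main__":
    bf = build_filter((sha1_hex(p) for p in SAMPLE_PWNED),
                      expected_items=1000, false_positive_rate=0.01)
    print(f"{bf.m} bits, {bf.k} probes, {bits_per_entry(0.01):.2f} bits/entry")
    for candidate in ["password", "correct horse battery staple"]:
        print(candidate, "->", "probably pwned" if is_pwned(candidate, bf) else "not in set")
```

For the real file, pass `open("pwned-passwords.txt")` as `hash_lines` with `expected_items` set to the line count; the filter never needs the whole file resident. Because false positives only ever reject a password that was in fact fine, this error direction is the safe one for a "don't allow breached passwords" policy; use a lower rate if the rejections would annoy users.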
colinbartlett, almost 8 years ago

I do agree with Troy that this could be useful to send to relatives and family:

> I'm envisaging more tech-savvy people using this service to demonstrate a point to friends, relatives and co-workers: "you see, this password has been breached before, don't use it!"

But I can't be the only one whose family would be baffled by the term "pwned". I wish it said something like "Your password has been hacked!" which we all know not to be technically correct but would resonate a lot more.
excitom, almost 8 years ago

> If a password is not found in the Pwned Passwords set, it'll result in a response like this:

Wait, so I test my password to see if it's "good" and now you have a copy of a password I will be using. Am I just being paranoid?
Deimorz, almost 8 years ago

One really unfortunate aspect of the passwords being hashed is that there's no info available about their lengths. Knowing the lengths could allow you to reduce the size considerably when you enforce a minimum password length.

For example, if I have a site that requires passwords to be at least 10 chars long, I don't need any of the data for breached passwords that are shorter than 10 characters. People can't possibly use them anyway, so that's probably a huge chunk of the data that's completely useless to be storing and checking.
aj7, almost 8 years ago

If I test my passwords, aren't they also now pwned?
r_singh, almost 8 years ago

Is it safe to test my password on this website? (because I just did)
nicpottier, almost 8 years ago

I used one password for a decade or so in the 90s and early noughts, and though I've since moved on to use LastPass and two factor for everything, this is the first time that password appears in one of these databases.

Guessing it was in MySpace..

Ironically I used another password for sites I trusted less and that one isn't in there.
mbid, almost 8 years ago

As others have pointed out, the use case for pasting plain text passwords is not quite clear. Maybe it would be a good idea to allow searching for hashes only, or at least hash the password in JS on the client.

Also, I'm genuinely curious as to why SHA-1 is used and not SHA-256. Surely the one-time additional cost of using SHA-256 would've been negligible for Troy? If at some point somebody manages to do preimage attacks on SHA-1, I have to assume my password is broken if I've submitted its hash to his API. Although I guess you'd have to actually be able to enumerate preimages, preferably from small to big. Still, I don't understand why Troy doesn't account for the possibility by using a hash function widely considered to be stronger.
r0f1, almost 8 years ago

What would be the best data structure for using this in, say, a Python script? I imagine just putting it into a dictionary (hash map etc.) won't work because of the size.
pjf, almost 8 years ago

Someone should apply deep learning to this and check how it compares with brute-forcing passwords. E.g. https://github.com/thoppe/5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
_wldu, almost 8 years ago

Many of these passwords are one or two characters in length. I think the 300 million number is inflated for publicity. Who allows a password that only has one character?

Go here and type the character 'a':

https://haveibeenpwned.com/
Freaky, almost 8 years ago

Quick script to binary-search for passwords locally: https://gist.github.com/Freaky/4cb7ce8c107c3da2e4a8210356e8da25
coldsmoke, almost 8 years ago

Interesting - "correct horse battery staple"[0] is flagged as not being in the data set. I was sure someone should have used that by now.

[0] https://xkcd.com/936/
danso, almost 8 years ago

I'm enjoying typing in things that I've never used as passwords (my own name, for example) to see if anyone else at some point thought these things would make for good passwords.
nischalsamji, almost 8 years ago

HIBP provides a REST API to check if a password has been found in a breach. Is there a disadvantage to using it in applications and restricting users from using breached passwords?
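Freaky's approach of binary-searching the downloaded file locally, applied to nischalsamji's use case of rejecting breached passwords at registration (and answering r0f1's question about a structure that does not need the whole set in memory), as an added example that is neither the gist's code nor HIBP's. It assumes the dump is a plain list of uppercase SHA-1 hex digests, one per line, sorted by hash, with fixed 41-byte lines (no count column, Unix newlines); a binary search by byte offset needs exactly that layout, so check the file you have before pointing this at it. Keeping the check local also answers the "am I sending my real password somewhere?" worry raised elsewhere in the thread. The sample dump is constructed from a few well-known passwords and written to a temp file.

```python
import hashlib
import os
import tempfile
from typing import List, Tuple

LINE_LEN = 41  # 40 hex characters plus "\n": fixed width lets us seek by line index


def sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1, the form the Pwned Passwords list uses."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def write_sorted_hash_file(path: str, hex_hashes: List[str]) -> None:
    """Write a constructed stand-in for the dump: one hash per line, sorted by hash."""
    with open(path, "w", newline="\n") as f:
        for h in sorted(set(x.upper() for x in hex_hashes)):
            f.write(h + "\n")


def hash_in_sorted_file(path: str, hex_hash: str) -> bool:
    """Binary search the fixed-width file: O(log n) seeks, nothing loaded into RAM."""
    target = hex_hash.upper().encode("ascii")
    with open(path, "rb") as f:
        line_count = os.fstat(f.fileno()).st_size // LINE_LEN
        lo, hi = 0, line_count - 1
        while lo <= hi:
            mid = (lo + hi) // 2
            f.seek(mid * LINE_LEN)
            entry = f.read(40)             # the 40 hex chars of line `mid`
            if entry == target:
                return True
            if entry < target:             # bytes compare lexicographically, like the sort
                lo = mid + 1
            else:
                hi = mid - 1
    return False


def password_is_acceptable(password: str, dump_path: str,
                           min_length: int = 10) -> Tuple[bool, str]:
    """Registration policy: cheap length check first, then the breach lookup."""
    if len(password) < min_length:
        return False, "too short"
    if hash_in_sorted_file(dump_path, sha1_hex(password)):
        return False, "appears in breach corpus"
    return True, "ok"


def build_sample_dump() -> str:
    """Create a small constructed dump in a temp dir and return its path."""
    sample_passwords = ["password", "123456", "letmein", "qwerty", "iloveyou"]  # constructed
    path = os.path.join(tempfile.mkdtemp(), "pwned-sample.txt")
    write_sorted_hash_file(path, [sha1_hex(p) for p in sample_passwords])
    return path


if __name__ == "__main__":
    dump = build_sample_dump()
    for candidate in ["password", "iloveyou", "correct horse battery staple"]:
        print(candidate, "->", password_is_acceptable(candidate, dump, min_length=8))
```

Each lookup costs about log2(306 million), roughly 28 seeks, so it runs straight off disk with no index and no preprocessing beyond the sort. Applying the minimum-length rule before the lookup is the cheap filter Deimorz describes wanting; since the dump is hashed, length cannot be used to shrink the file itself, but it can skip the search entirely for candidates the policy would reject anyway.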
oxplot, almost 8 years ago

Whoa, wait a second:

> Each of the 306 million passwords is being provided as a SHA1 hash.

That's it? Without any salting? This would make it trivial to recover the plain text using rainbow tables.
j_s, almost 8 years ago

Would it make sense to host the file on a cheap OVH/Scaleway VPS with unlimited bandwidth? I guess CloudFlare doing it for free beats that though!
misticdeveloper, almost 8 years ago

I'm confused. If a website salted their hashes, wouldn't it not matter if the password alone was "pwned"?