Package: wnpp Severity: wishlist Owner: Tobias Frost <[email protected]> X-Debbugs-Cc: [email protected]
* Package name : keepass2-plugin-hibpofflinecheck Version : 1.7.11 Upstream Contact: Mihai Ciuraru <[email protected]> * URL : https://github.com/mihaifm/HIBPOfflineCheck * License : GPL3 Description : KeePass2 plugin for online and offline Have I Been Pwned (HIBP) checks Have I been pwned? is an excellent tool for checking leaked passwords. While it does provide an API for securely checking the passwords online, some bits of a hashed password still need to be sent to the service when performing this type of check. This plugin offers the alternative of an offline check, by using the downloadable file provided by Have I been pwned. Online check mode is also provided as an option, being implemented using the k-anonimity model required by the HIBP public API. The plugin adds a new column to KeePass. When double-clicking the column for a specific entry, the SHA1 hash is calculated for the password, which is then searched in the file. A status will be displayed on the column for that specific password. Features: - passwords can be checked in offline or online mode binary search in the large password file gives an instant result for the offline mode - bloom filter support - k-anonimity method implemented for the online mode - the status (Pwned or Secure) is saved in the KeePass database and will be retrieved when reopening the app, and updated if the password entry changes each password is individually checked only on user request - multiple passwords can be checked in bulk by using the right click menu - option to check all passwords in the database For the offline mode, the HIPB database has to be manually downloaded.
