My first GitHub repository is out! Inspired by Computerphile’s video on checking your passwords (see here), I forked their sample code to improve the C# implementation (and ignore the Python, which I don’t really get along with). Not only have I got my way around GitHub ahead of my next project (Pitch-Class Set Theory Analysis), I’ve also got a secure way of checking passwords!
It works as follows:
- The password is entered as plain text
- The password is converted into a SHA-1 hash
- The first five characters of the hash are sent to the Pwned Passwords API – a database of stolen passwords
- All matching password hashes are returned
- The returned hashes are searched locally to see if there is a match
- The number of times the password appears in the pwned passwords database is displayed to the user, or 0 if no match has been found
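
The steps above as a short C# sketch. This is an added example, not the code from the repository or from Computerphile. The class and method names are hypothetical, and the range response is constructed inline (with made-up counts) so that it runs without a network call.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class PwnedCheck // hypothetical name, for illustration only
{
    // Uppercase hex SHA-1 of the UTF-8 password, split into the 5-character
    // prefix that is sent and the 35-character suffix that never leaves the machine.
    public static (string Prefix, string Suffix) SplitHash(string password)
    {
        using var sha1 = SHA1.Create();
        byte[] digest = sha1.ComputeHash(Encoding.UTF8.GetBytes(password));
        string hex = BitConverter.ToString(digest).Replace("-", "");
        return (hex.Substring(0, 5), hex.Substring(5));
    }

    // The range response is one "SUFFIX:COUNT" entry per line. Return the count
    // for our suffix, or 0 when it is absent or the line is malformed.
    public static int CountInRange(string rangeBody, string suffix)
    {
        foreach (string raw in rangeBody.Split('\n'))
        {
            string[] parts = raw.Trim().Split(':');
            if (parts.Length == 2 &&
                parts[0].Equals(suffix, StringComparison.OrdinalIgnoreCase) &&
                int.TryParse(parts[1], out int count))
                return count;
        }
        return 0;
    }

    static void Main()
    {
        var (prefix, suffix) = SplitHash("password");
        // Constructed stand-in for the body of
        // GET https://api.pwnedpasswords.com/range/{prefix}; all counts are made up.
        string body = new string('0', 35) + ":3\r\n" +
                      "1E4C9B93F3F0682250B6CF8331B7EE68FD8:42\r\n" +
                      new string('F', 35) + ":7\r\n";
        // Only the prefix would appear in the request; the match is done locally.
        Console.WriteLine($"sent: {prefix}  kept local: {suffix}");
        Console.WriteLine($"times seen: {CountInRange(body, suffix)}");
    }
}
```

Because only the five-character prefix is sent, the service sees a bucket shared by many hashes and cannot tell which one, if any, was being checked.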