search

HaveIBeenPwned / PwnedPasswordsDownloader

A tool to download all Pwned Passwords hash ranges and save them offline so they can be used without a dependency on the k-anonymity API
BSD 3-Clause "New" or "Revised" License
700 stars 55 forks source link

PPD guide YouTube video. #71

Open hsam10 opened 6 months ago

hsam10 commented 6 months ago

I search on google how to use PPD but no instructions there. How to download and How to check passwords etc.

BD-RE commented 2 months ago

Hey hsam10! It sounds like you're also having some trouble downloading the full HaveIBeenPwned (HIBP) data.

Downloading HIBP Data:

Large files: You're right, downloading a 40GB file can be tricky. Torrents or a download manager might be better options for big files like this one.

You can try these tools:

PwnedPasswordsDownloader:

Easier install on Windows: (https://github.com/alisa101rs/haveibeenpwned-downloader/releases) got only 26,8 GB (28.869.235.712 Bytes) from approximately 40GB

PHPPwnedPasswordsDownloader:

Not tried yet : (https://github.com/oyeaussie/PHPPwnedPasswordsDownloader/releases/tag/1.2.0)

Secure Password Management

KeePass: This is a great tool to store your passwords securely. There are two versions:

KeePassXC (online checking): Easier to install, has a built-in feature to check your passwords against HIBP online. Download KeePassXC for Windows (https://keepassxc.org/download/#windows) (64-bit, Windows 10 / 11) (Portable ZIP) Look for "Database Reports" > "HIBP" > "Perform Online Analysis"

KeePass2 (offline checking): More complex setup, but allows you to check passwords offline. Requires additional plugins and data files.

Download KeePass2 (Portable): Download KeePass2: (https://keepass.info/download.html)

Download HIBP Offline Check plugin: Download HIBP Offline Check plugin: : (https://github.com/mihaifm/HIBPOfflineCheck) (https://github.com/mihaifm/HIBPOfflineCheck/releases/download/1.7.10/HIBPOfflineCheck.plgx)

Download HIBP Bloom Filter data (large, updated February 2023): Download HIBP Bloom Filter data : (https://github.com/mihaifm/HIBPBloomFilter/releases/tag/4.0.0) (https://github.com/mihaifm/HIBPBloomFilter/releases/download/4.0.0/HIBPv8BloomFilter.bin) You can ask for a 2024 update, but the current one might still be effective. Installation instructions for the plugin: How to install HIBP Offline Check plugin: (https://github.com/mihaifm/HIBPOfflineCheck?tab=readme-ov-file#installation)

Note: For KeePass2, consider the online "k-anonymity" method as an alternative to downloading the large data file.

About the YouTube video: I can't create videos myself, but hopefully, these instructions help you out! Let me know if you have any other questions.