I just finished making a website that checks your password’s safety. It runs it through three processes without ever saving them:
- seeing how many times it has been used with HaveIBeenPwned
- checking if its a common password
- checking for any [English] words
Is that all it does?
Nope! Since my website was created to criticize your password(s) I integrated a safe password generator. When the generation process is finished it tests to see if any [English] words are detected; whenever you use real words in a password it makes it so much easier for hackers to figure out what it is.
How do I know it’s not saving my passwords?
I’m completely OK with anyone viewing my website’s code as I do not own the HaveIBeenPwned website or common passwords list (owned by NPM) as long as you follow my license. You can view my website’s code either with the
OK, cool. How do I get my hands on it?
The first two processes were made possible with HaveIBeenPwned and NPM’s “common passwords” list. I do not take credit for either of these, but the word checking process and safe password generator were both created by me.
Hope you guys enjoy it!