From 6fe535caf174eab6c90e5e6b5129e7f4a3949b86 Mon Sep 17 00:00:00 2001 From: Andinus Date: Sat, 11 Apr 2020 16:15:08 +0530 Subject: Update the scope of the project I never used this program because I don't generate my passwords in head, they're managed by pass so orion will now support pass. It'll automatically get my passwords, audit them & print the results. --- README.org | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/README.org b/README.org index 66f4c4d..532bfb9 100644 --- a/README.org +++ b/README.org @@ -1,26 +1,28 @@ -#+HTML_HEAD: -#+HTML_HEAD: +#+HTML_HEAD: +#+HTML_HEAD: #+EXPORT_FILE_NAME: index #+TITLE: Orion -Orion is a simple cli client to check for compromised passwords using Have I +Orion is a simple program to check for compromised passwords using Have I Been Pwned API. +Currently it only supports [[https://www.passwordstore.org][pass]], other password managers maybe be supported in +the future. + *Note*: Your password is not sent anywhere, only the first 5 characters of the SHA-1 hash of the input is sent to HIBP API. * Demo -I just run some cetus commands on my computer, nothing fancy. I'll make better -demo videos someday. - -| Version | Video | -|---------+----------------------------------------------------------------------| -| v0.1.0 | https://diode.zone/videos/watch/ffd4021d-2b39-4e6a-993e-3eacf9323320 | +| Demo Video | +|--------------| +| [[https://diode.zone/videos/watch/ffd4021d-2b39-4e6a-993e-3eacf9323320][Orion v0.1.0]] | * Working -- Orion takes input from the user -- Input is hashed & split (prefix: [:5], suffix: [5:]) +- Password is hashed & split (prefix: [:5], suffix: [5:]) - Prefix is sent to the HIBP API - HIBP API returns list of suffixes along with frequency - Orion looks for suffix from the list of suffixes Match means the password is present in HIBP database & has been compromised. + +*Note*: Password not present in database doesn't mean that it is a strong + password. -- cgit 1.4.1-2-gfad0