blob: 6b33738e1b293f58dbd283c782fc67b604d94b32 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
#+title: Orion
#+subtitle: Orion checks for compromised passwords using Have I Been Pwned API
#+export_file_name: index
#+setupfile: ~/.emacs.d/org-templates/projects.org
| Website | https://andinus.nand.sh/orion/ |
| Source | https://git.tilde.institute/andinus/orion |
| GitHub (Mirror) | https://github.com/andinus/orion |
* Demo
- Orion v0.1.0 :: https://diode.zone/videos/watch/ffd4021d-2b39-4e6a-993e-3eacf9323320
* Documentation
** Implementation
Initially it presented a simple prompt that accepted a password & it
checked that password against HIBP database. Orion v0.2.0+ checks for
compromised passwords in my password store. It builds a list of all the
passwords in =~/.password-store= & performs these operations on each file:
- Password is hashed & split (prefix: [:5], suffix: [5:])
- Prefix is sent to the HIBP API
- HIBP API returns list of suffixes along with frequency
- Orion looks for suffix from the list of suffixes
Match means the password is present in HIBP database & has been compromised.
- *Note*: Password not present in database doesn't mean that it is a
strong password.
** Options
*** verbose
This option does nothing.
* History
Orion v0.1.0 was a simple cli application that asked user for password &
returned the results. I never used this because I don't generate
password in head, ~pass~ is my password manager & it stores all my
passwords.
Orion was ported from Go to Raku.
|