Read this interesting article about a half billion PW database of compromised passwords that I thought I'd share:
*https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/ <https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/>* *on* mouseUp *local* tSHAData, tSHAHex, tList *put* messageDigest(the text of field "password", "SHA-1") into tSHAData *repeat* for each byte tByte in tSHAData *put* format("%02X",bytetonum(tByte)) after tSHAHex *end* *repeat* *put* url ("https://api.pwnedpasswords.com/range/"; & char 1 to 5 of tSHAHex) into tList *delete* char 1 to 3 of tList *-- delete the BOM* *filter* tList with (char 6 to -1 of tSHAHex) & "*" *set* the itemdel to ":" *put* item 2 of tList into field "hits" *end* mouseUp I've written some code that uses the new v2 API. You send the first 5 characters of the SHA1 of your password and get a list back of matches. You can then see if the rest of the hash is in the list and get the number of times it appears on the list. "123123" appears 2048411 times for example. I'm sure that someone can tighten it up some, but just wanted to make something in LiveCode that could use the API. You can also download the full database of SHA1 values (8.75GB) if you would want to use to provide a service. Links are in the article (he prefers that you use a torrent). Thanks, Brian _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
