haveibeenfiltered 0.1.4 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +15 -10
  2. package/bin/cli.js +8 -1
  3. package/lib/datasets.js +21 -5
  4. package/package.json +2 -2
package/README.md CHANGED
@@ -6,7 +6,7 @@
6
6
 
7
7
  Offline password breach checking using [ribbon filters](https://engineering.fb.com/2021/07/09/core-infra/ribbon-filter/). Check passwords against the [Have I Been Pwned](https://haveibeenpwned.com/) dataset (2B+ passwords) locally, with no API calls.
8
8
 
9
- See [haveibeenfiltered.com](https://haveibeenfiltered.com) for more information about the project.
9
+ See [fedorov.net/projects/hibf](https://fedorov.net/projects/hibf/) for more information about the project.
10
10
 
11
11
  ## Why?
12
12
 
@@ -75,7 +75,7 @@ const filter = await hbf.load({ autoDownload: true })
75
75
 
76
76
  | Option | Type | Default | Description |
77
77
  |--------|------|---------|-------------|
78
- | `dataset` | `string` | `'hibp'` | Dataset name (`hibp`, `hibp-min5`, `hibp-min10`, `hibp-min20`, `rockyou`) |
78
+ | `dataset` | `string` | `'hibp'` | Dataset name (`hibp`, `hibp-min5`, `hibp-min10`, `hibp-min20`, `rockyou`, `top1m`, `top10m`) |
79
79
  | `path` | `string` | — | Explicit path to `.bin` file |
80
80
  | `autoDownload` | `boolean` | `false` | Download from CDN if file is missing |
81
81
 
@@ -197,18 +197,22 @@ npx haveibeenfiltered status
197
197
  | `hibp-min10` | 486,611,978 | 435 MB | ~0.78% | HIBP — passwords seen in 10+ breaches |
198
198
  | `hibp-min20` | 290,029,936 | 259 MB | ~0.78% | HIBP — passwords seen in 20+ breaches |
199
199
  | `rockyou` | 14,344,391 | 12.8 MB | ~0.78% | [RockYou](https://en.wikipedia.org/wiki/RockYou#Data_breach) breach (2009) |
200
+ | `top1m` | 1,000,000 | 0.9 MB | ~0.78% | Top 1M most common passwords |
201
+ | `top10m` | 10,000,000 | 9.0 MB | ~0.78% | Top 10M most common passwords |
200
202
 
201
203
  ### CDN
202
204
 
203
- Filter binaries are hosted at `https://files.haveibeenfiltered.com/v0.1/`:
205
+ Filter binaries are hosted at `https://bits.fedorov.net/v0.1/`:
204
206
 
205
207
  | File | Size | SHA-256 |
206
208
  |------|------|---------|
207
- | [`ribbon-hibp-v1.bin`](https://files.haveibeenfiltered.com/v0.1/ribbon-hibp-v1.bin) | 1.8 GB | `4eeb8608fa8541a51a952ecda91ad2f86e6f7457b0dbe34b88ba8a7ed33750ce` |
208
- | [`ribbon-hibp-v1-min5.bin`](https://files.haveibeenfiltered.com/v0.1/ribbon-hibp-v1-min5.bin) | 726 MB | `4422f5659cb5fe39cf284b844328bfd3f7ab37fac0fe649b4cff216ffd2ac5da` |
209
- | [`ribbon-hibp-v1-min10.bin`](https://files.haveibeenfiltered.com/v0.1/ribbon-hibp-v1-min10.bin) | 435 MB | `8c71d6a3696d27bcf21a30ddcd67f7e290a71210800db86810ffb84a426fe93e` |
210
- | [`ribbon-hibp-v1-min20.bin`](https://files.haveibeenfiltered.com/v0.1/ribbon-hibp-v1-min20.bin) | 259 MB | `31a2c7942698fce74d95ce54dfb61f383ef1a33dce496b88c672e1ac07c71c43` |
211
- | [`ribbon-rockyou-v1.bin`](https://files.haveibeenfiltered.com/v0.1/ribbon-rockyou-v1.bin) | 12.8 MB | `777d3c1640e7067bc7fb222488199c3371de5360639561f1f082db6b7c16a447` |
209
+ | [`ribbon-hibp-v1.bin`](https://bits.fedorov.net/v0.1/ribbon-hibp-v1.bin) | 1.8 GB | `4eeb8608fa8541a51a952ecda91ad2f86e6f7457b0dbe34b88ba8a7ed33750ce` |
210
+ | [`ribbon-hibp-v1-min5.bin`](https://bits.fedorov.net/v0.1/ribbon-hibp-v1-min5.bin) | 726 MB | `4422f5659cb5fe39cf284b844328bfd3f7ab37fac0fe649b4cff216ffd2ac5da` |
211
+ | [`ribbon-hibp-v1-min10.bin`](https://bits.fedorov.net/v0.1/ribbon-hibp-v1-min10.bin) | 435 MB | `8c71d6a3696d27bcf21a30ddcd67f7e290a71210800db86810ffb84a426fe93e` |
212
+ | [`ribbon-hibp-v1-min20.bin`](https://bits.fedorov.net/v0.1/ribbon-hibp-v1-min20.bin) | 259 MB | `31a2c7942698fce74d95ce54dfb61f383ef1a33dce496b88c672e1ac07c71c43` |
213
+ | [`ribbon-rockyou-v1.bin`](https://bits.fedorov.net/v0.1/ribbon-rockyou-v1.bin) | 12.8 MB | `777d3c1640e7067bc7fb222488199c3371de5360639561f1f082db6b7c16a447` |
214
+ | [`ribbon-top1m-v1.bin`](https://bits.fedorov.net/v0.1/ribbon-top1m-v1.bin) | 0.9 MB | `44f03ee81d777b42ba96deabde394f8aca8b8ef99134e15121c4e0c3fb3547c1` |
215
+ | [`ribbon-top10m-v1.bin`](https://bits.fedorov.net/v0.1/ribbon-top10m-v1.bin) | 9.0 MB | `bdc40e88abf427354d408d67e79a31f7e2987dac0f1130c4d30f396062a9cd96` |
212
216
 
213
217
  The CLI downloads to `~/.haveibeenfiltered/` by default. Integrity is verified via SHA-256 after each download.
214
218
 
@@ -250,15 +254,16 @@ Benchmarked on a single core. The filter loads into memory once (~1.8 GB RAM for
250
254
  ## Requirements
251
255
 
252
256
  - **Node.js** >= 16.0.0
253
- - **Disk space** — 1.8 GB for HIBP (full), 726 MB (min5), 435 MB (min10), 259 MB (min20), 13 MB for RockYou
257
+ - **Disk space** — 1.8 GB for HIBP (full), 726 MB (min5), 435 MB (min10), 259 MB (min20), 13 MB for RockYou, 9 MB for top10m, 0.9 MB for top1m
254
258
  - **RAM** — same as disk (filter is loaded into memory)
255
259
 
256
260
  ## Links
257
261
 
258
- - [haveibeenfiltered.com](https://haveibeenfiltered.com) — Project homepage
262
+ - [fedorov.net/projects/hibf](https://fedorov.net/projects/hibf/) — Project homepage
259
263
  - [GitHub](https://github.com/kolobus/haveibeenfiltered) — Source code
260
264
  - [npm](https://www.npmjs.com/package/haveibeenfiltered) — Package registry
261
265
  - [Have I Been Pwned](https://haveibeenpwned.com/) — Password breach data source
266
+ - [Mihail Fedorov](https://fedorov.net) — Author
262
267
  - [Buy Me a Coffee](https://buymeacoffee.com/kolobus) — Support the project
263
268
 
264
269
  ## License
package/bin/cli.js CHANGED
@@ -196,7 +196,14 @@ function usage() {
196
196
  console.log(' check Check password(s) against the filter');
197
197
  console.log('');
198
198
  console.log('Options:');
199
- console.log(' --dataset <name> Dataset to use (hibp, rockyou). Default: hibp');
199
+ console.log(' --dataset <name> Dataset to use. Default: hibp');
200
+ console.log(' hibp All HIBP passwords (1.79 GB, 2B keys)');
201
+ console.log(' hibp-min5 HIBP count >= 5 (725 MB, 812M keys)');
202
+ console.log(' hibp-min10 HIBP count >= 10 (435 MB, 487M keys)');
203
+ console.log(' hibp-min20 HIBP count >= 20 (259 MB, 290M keys)');
204
+ console.log(' rockyou RockYou wordlist (12.8 MB)');
205
+ console.log(' top1m Top 1M passwords (0.9 MB)');
206
+ console.log(' top10m Top 10M passwords (9.0 MB)');
200
207
  console.log(' --path <path> Custom path to filter file');
201
208
  console.log(' --force Re-download even if file exists (download command)');
202
209
  console.log(' --stdin Read input from stdin (check command)');
package/lib/datasets.js CHANGED
@@ -5,7 +5,7 @@ const DATASETS = {
5
5
  name: 'hibp',
6
6
  version: 1,
7
7
  filename: 'ribbon-hibp-v1.bin',
8
- url: 'https://files.haveibeenfiltered.com/v0.1/ribbon-hibp-v1.bin',
8
+ url: 'https://bits.fedorov.net/v0.1/ribbon-hibp-v1.bin',
9
9
  expectedBytes: 1918974105,
10
10
  sha256: '4eeb8608fa8541a51a952ecda91ad2f86e6f7457b0dbe34b88ba8a7ed33750ce',
11
11
  },
@@ -13,7 +13,7 @@ const DATASETS = {
13
13
  name: 'hibp-min5',
14
14
  version: 1,
15
15
  filename: 'ribbon-hibp-v1-min5.bin',
16
- url: 'https://files.haveibeenfiltered.com/v0.1/ribbon-hibp-v1-min5.bin',
16
+ url: 'https://bits.fedorov.net/v0.1/ribbon-hibp-v1-min5.bin',
17
17
  expectedBytes: 760791541,
18
18
  sha256: '4422f5659cb5fe39cf284b844328bfd3f7ab37fac0fe649b4cff216ffd2ac5da',
19
19
  },
@@ -21,7 +21,7 @@ const DATASETS = {
21
21
  name: 'hibp-min10',
22
22
  version: 1,
23
23
  filename: 'ribbon-hibp-v1-min10.bin',
24
- url: 'https://files.haveibeenfiltered.com/v0.1/ribbon-hibp-v1-min10.bin',
24
+ url: 'https://bits.fedorov.net/v0.1/ribbon-hibp-v1-min10.bin',
25
25
  expectedBytes: 455760736,
26
26
  sha256: '8c71d6a3696d27bcf21a30ddcd67f7e290a71210800db86810ffb84a426fe93e',
27
27
  },
@@ -29,7 +29,7 @@ const DATASETS = {
29
29
  name: 'hibp-min20',
30
30
  version: 1,
31
31
  filename: 'ribbon-hibp-v1-min20.bin',
32
- url: 'https://files.haveibeenfiltered.com/v0.1/ribbon-hibp-v1-min20.bin',
32
+ url: 'https://bits.fedorov.net/v0.1/ribbon-hibp-v1-min20.bin',
33
33
  expectedBytes: 271649178,
34
34
  sha256: '31a2c7942698fce74d95ce54dfb61f383ef1a33dce496b88c672e1ac07c71c43',
35
35
  },
@@ -37,10 +37,26 @@ const DATASETS = {
37
37
  name: 'rockyou',
38
38
  version: 1,
39
39
  filename: 'ribbon-rockyou-v1.bin',
40
- url: 'https://files.haveibeenfiltered.com/v0.1/ribbon-rockyou-v1.bin',
40
+ url: 'https://bits.fedorov.net/v0.1/ribbon-rockyou-v1.bin',
41
41
  expectedBytes: 13456384,
42
42
  sha256: '777d3c1640e7067bc7fb222488199c3371de5360639561f1f082db6b7c16a447',
43
43
  },
44
+ 'top1m': {
45
+ name: 'top1m',
46
+ version: 1,
47
+ filename: 'ribbon-top1m-v1.bin',
48
+ url: 'https://bits.fedorov.net/v0.1/ribbon-top1m-v1.bin',
49
+ expectedBytes: 956220,
50
+ sha256: '44f03ee81d777b42ba96deabde394f8aca8b8ef99134e15121c4e0c3fb3547c1',
51
+ },
52
+ 'top10m': {
53
+ name: 'top10m',
54
+ version: 1,
55
+ filename: 'ribbon-top10m-v1.bin',
56
+ url: 'https://bits.fedorov.net/v0.1/ribbon-top10m-v1.bin',
57
+ expectedBytes: 9386327,
58
+ sha256: 'bdc40e88abf427354d408d67e79a31f7e2987dac0f1130c4d30f396062a9cd96',
59
+ },
44
60
  };
45
61
 
46
62
  module.exports = { DATASETS };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "haveibeenfiltered",
3
- "version": "0.1.4",
3
+ "version": "0.1.6",
4
4
  "description": "Offline password breach checking using ribbon filters. Check passwords against HIBP (2B+ passwords) and other breach datasets locally, with zero API calls.",
5
5
  "main": "lib/index.js",
6
6
  "bin": {
@@ -42,7 +42,7 @@
42
42
  "type": "individual",
43
43
  "url": "https://buymeacoffee.com/kolobus"
44
44
  },
45
- "homepage": "https://haveibeenfiltered.com",
45
+ "homepage": "https://fedorov.net/projects/hibf/",
46
46
  "engines": {
47
47
  "node": ">=16.0.0"
48
48
  }