Query Passwords for a Partial Hash of an Email Address

PreviousQuery Passwords for a Domain NextTest Accounts

Last updated 10 months ago

Was this helpful?

Query all cleartext passwords for a user by providing a partial hash of their email address.

get

Returns a list of passwords in the Enzoic database for a given email address. This variant of the call takes a partial SHA-256 hash of the email being checked and returns passwords for all possible candidate matches. Unless you need to pass only partial hashes for compliance purposes, we recommend using the exact match /cleartext-credentials variant for better performance.

Authorizations

Query parameters

partialUsernameHashstringRequired

The first 8 or more characters of the SHA-256 hash of the lowercased email you wish to check credentials for

Example: test@enzoic.com

includeExposureDetailsintegerOptional

(Optional) If this parameter is specified and non-zero, the results will include the exposure details inline, rather than just the IDs. In this case the exposures array in the response will contain an array of ExposureDetails objects

Default: 0Example: 1

Responses

200

The call was successful and any matching candidate users are in the response

application/json

get

GET /v1/cleartext-credentials-by-partial-hash HTTP/1.1
Host: api.enzoic.com
Authorization: Bearer Base64(your_api_key:your_api_secret)
Accept: */*

200

The call was successful and any matching candidate users are in the response

{
  "candidates": [
    {
      "usernameHash": "abcabcab397b5155417038a5f33d31ec083d1e848ff3b69110005f1181eaa435",
      "lastBreachDate": "2022-12-10T02:05:03.000Z",
      "passwords": [
        {
          "password": "password123",
          "hashType": 0,
          "salt": "text",
          "exposures": [
            {
              "id": "57dc11964d6db21300991b78",
              "title": "funsurveys.net",
              "entries": 5123,
              "date": "2015-05-01T00:00:00.000Z",
              "category": "Manufacturing",
              "source": "Cybercrime Forums",
              "passwordType": "Cleartext",
              "exposedData": [
                "Emails",
                "Passwords"
              ],
              "dateAdded": "2016-09-16T15:36:54.000Z",
              "sourceURLs": [
                "https://www.someplace.com"
              ],
              "domainsAffected": 683,
              "sourceFileCount": 1
            }
          ]
        }
      ]
    }
  ]
}