Query Passwords for a Partial Hash of an Email Address

For customers with compliance or security constraints around passing a full SHA-256 hash of an email address to the Enzoic API. This variant allows for passing in a partial SHA-256 hash (first 8 characters) of an email address and returns passwords for all possible candidate email address matches.

PreviousQuery Passwords for a Domain NextTest Accounts

Last updated 7 months ago

Was this helpful?

Query all cleartext passwords for a user by providing a partial hash of their email address.

Returns a list of passwords in the Enzoic database for a given email address. This variant of the call takes a partial SHA-256 hash of the email being checked and returns passwords for all possible candidate matches. Unless you need to pass only partial hashes for compliance purposes, we recommend using the exact match /cleartext-credentials variant for better performance.

get

/cleartext-credentials-by-partial-hash

Authorizations

Query parameters

partialUsernameHashstringrequired

The first 8 or more characters of the SHA-256 hash of the lowercased email you wish to check credentials for

Example: test@enzoic.com

includeExposureDetailsinteger

(Optional) If this parameter is specified and non-zero, the results will include the exposure details inline, rather than just the IDs. In this case the exposures array in the response will contain an array of ExposureDetails objects

Example: 1

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --url 'https://api.enzoic.com/v1/cleartext-credentials-by-partial-hash?partialUsernameHash=text' \
  --header 'Authorization: Basic username:password'

200

{
  "candidates": [
    {
      "usernameHash": "abcabcab397b5155417038a5f33d31ec083d1e848ff3b69110005f1181eaa435",
      "lastBreachDate": "2022-12-10T02:05:03.000Z",
      "passwords": [
        {
          "password": "password123",
          "hashType": 0,
          "salt": "text",
          "exposures": [
            {
              "id": "57dc11964d6db21300991b78",
              "title": "funsurveys.net",
              "entries": 5123,
              "date": "2015-05-01T00:00:00.000Z",
              "category": "Manufacturing",
              "source": "Cybercrime Forums",
              "passwordType": "Cleartext",
              "dateAdded": "2016-09-16T15:36:54.000Z",
              "domainsAffected": 683,
              "sourceFileCount": 1,
              "exposedData": [
                "Emails",
                "Passwords"
              ],
              "sourceURLs": [
                "https://www.someplace.com"
              ]
            }
          ]
        }
      ]
    }
  ]
}

The call was successful and any matching candidate users are in the response