Query Passwords for a Partial Hash of an Email Address
For customers with compliance or security constraints around passing a full SHA-256 hash of an email address to the Enzoic API. This variant allows for passing in a partial SHA-256 hash (first 8 characters) of an email address and returns passwords for all possible candidate email address matches.
Returns a list of passwords in the Enzoic database for a given email address. This variant of the call takes a partial SHA-256 hash of the email being checked and returns passwords for all possible candidate matches. Unless you need to pass only partial hashes for compliance purposes, we recommend using the exact match /cleartext-credentials variant for better performance.
The first 8 or more characters of the SHA-256 hash of the lowercased email you wish to check credentials for
[email protected](Optional) If this parameter is specified and non-zero, the results will include the exposure details inline, rather than just the IDs. In this case the exposures array in the response will contain an array of ExposureDetails objects
0Example: 1GET /v1/cleartext-credentials-by-partial-hash HTTP/1.1
Host: api.enzoic.com
Authorization: Bearer Base64(your_api_key:your_api_secret)
Accept: */*
The call was successful and any matching candidate users are in the response
{
"candidates": [
{
"usernameHash": "abcabcab397b5155417038a5f33d31ec083d1e848ff3b69110005f1181eaa435",
"lastBreachDate": "2022-12-10T02:05:03.000Z",
"passwords": [
{
"password": "password123",
"hashType": 0,
"salt": "text",
"exposures": [
{
"id": "57dc11964d6db21300991b78",
"title": "funsurveys.net",
"entries": 5123,
"date": "2015-05-01T00:00:00.000Z",
"category": "Manufacturing",
"source": "Cybercrime Forums",
"passwordType": "Cleartext",
"exposedData": [
"Emails",
"Passwords"
],
"dateAdded": "2016-09-16T15:36:54.000Z",
"sourceURLs": [
"https://www.someplace.com"
],
"domainsAffected": 683,
"sourceFileCount": 1
}
]
}
]
}
]
}Last updated
Was this helpful?