Pwned Passwords Password Validator API
An alternate version of the Passwords API compatible with PingDirectory's Pwned Passwords Validator
Alternate endpoint for Passwords API compatible with PingDirectory's Pwned Passwords Password Validator
The Enzoic API uses a basic auth scheme where the username is your API key and the password is your API secret.
See https://docs.enzoic.com/enzoic-api-developer-documentation/using-the-enzoic-api#api-authentication for more details.
The first 5 hex characters of the SHA-1 hash of the password to check or the NTLM hash if mode=ntlm
9d5e0(Optional) If specified and set to "ntlm", the partialHash is treated as the first 5 hex characters of the NTLM hash of the password rather than the SHA-1 hash. Note that PingIdentity's service uses SHA-1 hashes, so typically this parameter is unnecessary
ntlmOne or more possible candidate matches were found. The response body contains the candidates. If any of the candidate hashes match the exact hash, this is a compromised password, i.e. a “hacked” password.
A list of all hash suffixes matching the provided partial hash prefix. The format of the response is a string with each line containing a single hash suffix, followed by a count of how many times that password has been publicly exposed, separated by a colon.
00406469d7472d9aed8c8285c9a45746694:8 0044a81b138c29721ef7d756b0d9475e594:3 0052e641460dbe7c7184d424ec5abd8281c:33 0060c42e8004656c783e7c115996bac9307:2One or more possible candidate matches were found. The response body contains the candidates. If any of the candidate hashes match the exact hash, this is a compromised password, i.e. a “hacked” password.
Last updated
Was this helpful?