Password Checkup

COMMENT

‎This workflow uses the Have I Been Pwned API to determine if your password has been seen in a data breach. Huge thanks to Troy Hunt for providing this service. Visit https://haveibeenpwned.com for more info.

SCRIPTING

‎Ask ‎Password:

Input Type

‎Text

Default Answer

‎Text

Provided Input

SCRIPTING

‎Generate ‎SHA1 ‎hash of ‎Input

Hash

COMMENT

‎The password is hashed and only the first 5 characters of the hash are used in the API call.

TEXT

‎Match ‎^.{0,5} ‎in ‎Text

Case Sensitive

‎

Matches

VARIABLES

‎Get ‎Hash

COMMENT

‎The last 35 characters of the hash are used to match against results sent by the API; they never leave your device.

TEXT

‎Match ‎.{35}$ ‎in ‎Text

Case Sensitive

‎

Matches

URL

‎https://api.pwnedpasswords.com/range/ ‎Submission

URL

NETWORK

‎Get contents of ‎URL

‎Options Under Construction

Contents of URL

TEXT

‎Match ‎Text Matches ‎:[0-9]+ ‎in ‎Text

Case Sensitive

‎

Matches

COMMENT

‎Above is where we use the last 35 characters of the hash. The regex is to get the number of times the password has been seen in breaches.

SCRIPTING

‎If ‎Input ‎Condition

VARIABLES

‎Get ‎Text Matches

TEXT

‎Split ‎Text ‎by ‎Custom ‎:

Split Text

SCRIPTING

‎Get ‎Last Item ‎from ‎List

Item from List

SCRIPTING

‎Show alert ‎🛑 Warning 🛑

Title

‎🛑 Warning 🛑

Show Cancel Button

‎

SCRIPTING

‎Otherwise

SCRIPTING

‎Show alert ‎✅ Password Not Found ✅

Title

‎✅ Password Not Found ✅

Show Cancel Button

‎

SCRIPTING

‎End If

If Result

Showcuts

Magic Vars

Screenshot

Submitted by SAM3 6 years ago

This is an old shortcut, so some variables might be missing!

Visit iCloud (iOS)

Copy iCloud Link

Scan QR Code