Pwned Pass – Available from the Play Store

Simon Foster (funkysi1701)

Pwned Pass is now available from the Google Play Store.


Pwned Pass is a simple Android app that allows you to type in a password and tells you if it has been used in a data breach.

Troy Hunt of Have I Been Pwned? recently added a new API to his website which allows you to search his extensive database of pwned passwords, 306 million of them. I have simply created an Android frontend to this API.

The API itself takes a SHA1 hash of the password and returns either an HTTP 200 if the password is found or an HTTP 404 if the password does not exist in the HIBP database. For more details of how Troy Hunt created this, check out his blog post.

My app simply generates a SHA1 hash of anything that is typed in and then passes this to Troy Hunt’s API. I then get the HTTP return code so I know if the password exists or not.
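The hash-then-status-code flow described above, as an added C# example (not the app's own code). It also shows a case the description leaves open: any status other than 200 or 404 is reported as "unknown" rather than "not breached". `BaseUrl` is a placeholder, the type and method names are hypothetical, and hashing the UTF-8 bytes of the password is an assumption.

```csharp
using System;
using System.Net;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;

public enum PwnedResult { Found, NotFound, Unknown }

public static class PwnedCheck
{
    // Placeholder, not the real endpoint: take the URL from the HIBP API documentation.
    const string BaseUrl = "https://hibp.example/pwnedpassword/";

    // SHA-1 over the UTF-8 bytes (assumed encoding), as 40 hex characters.
    public static string Sha1Hex(string password)
    {
        using (var sha1 = SHA1.Create())
            return BitConverter.ToString(
                sha1.ComputeHash(Encoding.UTF8.GetBytes(password))).Replace("-", "");
    }

    // Only 200 and 404 carry an answer. Rate limiting, a proxy error or an
    // outage must not be shown to the user as "not in a breach".
    public static PwnedResult Interpret(HttpStatusCode status)
    {
        if (status == HttpStatusCode.OK) return PwnedResult.Found;
        if (status == HttpStatusCode.NotFound) return PwnedResult.NotFound;
        return PwnedResult.Unknown;
    }

    public static async Task<PwnedResult> CheckAsync(HttpClient http, string password)
    {
        try
        {
            using (var response = await http.GetAsync(BaseUrl + Sha1Hex(password)))
                return Interpret(response.StatusCode);
        }
        catch (Exception ex) when (ex is HttpRequestException || ex is TaskCanceledException)
        {
            return PwnedResult.Unknown; // network, TLS or timeout failure: no verdict
        }
    }

    public static void Main()
    {
        // Constructed sample inputs; this part runs offline.
        Console.WriteLine(Sha1Hex("password"));
        Console.WriteLine(Interpret((HttpStatusCode)429));
    }
}
```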

It should be noted that you should not send any password you actively use to a third-party service – even this one! I don’t log anything that you type into my app, and all I am then doing is passing a SHA1 hash over SSL to HIBP. However, you shouldn’t trust my word alone.

The app itself is written in Visual Studio with Xamarin Forms in a similar fashion to the app I talked about last week.

As I am using Xamarin Forms there is the potential that I may develop iPhone or UWP versions of this code in the future. With that in mind I have made use of interfaces for the Android-specific parts of the code.

I also make use of the modernhttpclient NuGet package due to problems I encountered with HttpClient and SSL. This is due to limitations of what libraries are available in Mono and what has been implemented. I suspect there are better ways to solve this, but that is all part of the fun.

Please do have a look at Pwned Pass and let me know what you think. Especially if it doesn’t work or throws errors. I would like to spend time making this app as good as I can make it.

