Say you have a 1GB text file (words.txt) and has a word each line. Like this
1. John
2. Doe
3. Jane
4. Smith
Kegwell kegwell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # file: merger.py | |
| # based off: http://cmikavac.net/2011/07/09/merging-multiple-nessus-scans-python-script/ | |
| # by: mastahyeti | |
| import xml.etree.ElementTree as etree | |
| import shutil | |
| import os | |
| first = 1 | |
| for fileName in os.listdir("."): |
simbo1905
/ PwnedPaswordsMongoDB.md
Last active
July 10, 2023 02:50
How To Load The HIBP Pwned Passwords Database Into MongoDB
NIST recommends that when users are trying to set a password you should reject those that are commonly used or compromised:
When processing requests to establish and change memorized secrets,
verifiers SHALL compare the prospective secrets against a list that
contains values known to be commonly-used, expected, or compromised.
But how do you know what are the compromised passwords? Luckily Troy Hunter put a lot of effort into building the "Have I Been Pwned (HIBP)" database with the SHA1 hashes of 501,636,842 passwords that have been compromised on the internet. Sweet.