Termius checks the password and encryption passphrase using the haveibeenpwned.com service (HIBP). The Termius app searches for the first 5 characters of SHA-1 of the user-provided password / encryption passphrase in HIBP API per the Cloudflare k-anonymity implementation.
Termius never sends the original (unencrypted) password / encryption passphrase or information enough to discover what it is.
- The password is pa$word.
- SHA-1 of the password will be
- The first 5 characters are SHA-1 of the password is
617AD, the rest is
Here are the search results: https://api.pwnedpasswords.com/range/617AD.
This data tells us the password has been leaked in 96 breaches.
Was this article helpful?
Articles in this section
- How can I enable Split View?
- How do I cancel the trial period?
- How to copy/paste in the desktop app?
- How to adjust text size?
- What happens when my Pro subscription expires?
- Can the mobile ('strip') keyboard be customized?
- How do I search in the terminal?
- How do I set a default SFTP path?
- How can I request a refund?
- What does "Store on Device" mean in the FIDO2 key generation form?