HIBPOfflineCheck icon indicating copy to clipboard operation
HIBPOfflineCheck copied to clipboard
verified publisher icon mihaifm

It's unreliable

Open A30BL opened this issue 6 months ago • 1 comments

I have tested the plugin with KeePass V2.60 (x64) and it struggles with simple passwords. I tested the passwords "123456", "TEST", "Trommel" and "Test" online. The passwords are, of course, so trivial that they are found online by HIBP. But in KeePass the HIBPOfflineCheck says, that "123456", "TEST" and "Test" are secure, only "Trommel" is pwned 779 times like the online result.

Does anyone have an idea about this? The password file was downloaded twice from HIBP for testing. Could it be that trivial passwords aren't included in the file?

See screenshot, "Titel" entry corresponds to the password.

Image Image Image

A30BL avatar Nov 11 '25 11:11 A30BL

Hi, not sure what happened here. Just downloaded the latest passwords file and re-checked both Online and Offline mode. I even changed the language to German. Everything seems to be working.

Not sure what else to suggest but to re-download the passwords file.

haveibeenpwned-downloader.exe pwnedpasswords

Finished downloading all hash ranges in 628,677ms (1,667.91 hashes per second).
We made 1,048,576 Cloudflare requests (avg response time: 54.65ms). Of those, Cloudflare had already cached 1,048,576
requests, and made 0 requests to the Have I Been Pwned origin server.
Image

Make sure it's around 86GB in size. It should definitely contain those trivial passwords.

mihaifm avatar Nov 14 '25 16:11 mihaifm