Changes

Page history
Updated password database settings authored by Marius David Wieschollek's avatar Marius David Wieschollek
Show whitespace changes
Inline Side-by-side
Administrators/App-Settings.md
View page @ 6e83d0e9
......@@ -45,19 +45,18 @@ Their database receives regular updates with lists of passwords used by hackers
The app uses their [k-anonymity api](https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/#cloudflareprivacyandkanonymity) to download a subset of hashes and does the comparison locally.
The app never sends SHA-1 hashes to the api.
**10 Million Passwords** downloads a static password file and fills the local cache with it.
After this, all password checking can be done locally.
Unlike Hibp it does not need to make a request for each check, but the database is a lot smaller and not up to date.
Updating the database can take up to 1.75Gib of RAM or up to 125MiB on less powerful systems.
If you do not have that much RAM available, you should not use this service.
It also requires around 512Mib of disk space.
**1 Million Passwords** downloads a static file with the most common passwords.
It uses a lot less system resources than the 10Mio passwords and should run on any system.
The database is considerably smaller and not up to date.
**10 Mio Passwords + Have I been pwned?** fills the local cache with the most common passwords.
This service fills the local database with the 10 million passwords and therefore reduces the amount of requests to Hibp.
**Big local database (25M passwords)** downloads a static database of 25 million breached passwords and stores them locally.
Unlike Hibp?, the security check is done locally and no request to any api is made.
This database contains the 25 million most common entries from Hibp? and is significantly smaller than theirs (600M+ entries) and also not updated as often.
The database requires around 600MiB of disk space on your server.
**Small local database (5M passwords)** downloads a static database of 5 million breached passwords and stores them locally.
Unlike Hibp?, the security check is done locally and no request to any api is made.
This database contains the 5 million most common entries from Hibp? and is significantly smaller than theirs (600M+ entries) and also not updated as often.
The database requires around 150MiB of disk space on your server.
**Big local database & Hibp?** downloads a static database of the 25 million most common breached passwords and stores them locally.
If the SHA-1 hash of any password is not found in the local database, it will be checked against the Hibp?-Api.
#### Password Generator Service
......
......