macOS
brew install checkpwnlocal Homebrew formula metadata
brew
Check Have I Been Pwned and see if it's time for you to change passwords. Version 0.6.0 via Homebrew; verified from local package data.
install
brew install checkpwnlocal Homebrew formula metadata
nix profile install nixpkgs#checkpwnnixpkgs package indexes · pkgs/by-name/ch/checkpwn/package.nix · source: api.github.com
overview
Check Have I Been Pwned and see if it's time for you to change passwords
history
checkpwn is a Rust CLI for querying Have I Been Pwned account, paste, and password-breach data. It is small, but source-backed enough to document as a package-manager convenience wrapper around a security API.
The brycx/checkpwn repository was created in May 2018. The README describes checkpwn as a tool to check Have I Been Pwned and determine whether passwords need changing.
The Cargo metadata identifies it as a command-line utility with password, security, and HIBP keywords. The project continued to receive releases through 0.6.0 in March 2026, when it moved to Rust Edition 2024 and updated dependencies.
The README documents installation through Cargo and Homebrew, while the batch metadata also lists Nix. This is typical adoption for a focused Rust CLI: cargo install first, then package-manager formulas for repeatable workstation setup.
Adoption appears niche rather than ecosystem-defining, with modest GitHub star counts, but the tool solves a clear packageable task: local HIBP checks without writing API glue.
Users register a Have I Been Pwned API key with checkpwn register, which writes checkpwn.yml in the user's configuration directory, then use checkpwn acc for accounts or lists and checkpwn pass for passwords.
For account checks, the README says checkpwn queries both the HIBP paste and account databases. Password checking is separated from account checking, matching the common operational distinction between exposed accounts and compromised password material.
checkpwn is package-nerd interesting as a compact Rust security CLI with Cargo, Homebrew, and Nix distribution. It shows the pattern of wrapping a popular web security service in a local command that stores minimal configuration and can be scripted.
Its config-path behavior also matters to packagers because API keys are user state, not package state.
security posture
narrow executable package without higher-risk signals.
green risk · low confidence · appliance
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
$XDG_CONFIG_HOME/checkpwn/checkpwn.yml~/.config/checkpwn/checkpwn.yml~/Library/Application Support/checkpwn/checkpwn.yml%APPDATA%\checkpwn\checkpwn.ymlCredential-bearing paths to review before unattended agent runs.
$XDG_CONFIG_HOME/checkpwn/checkpwn.yml~/.config/checkpwn/checkpwn.yml~/Library/Application Support/checkpwn/checkpwn.yml%APPDATA%\checkpwn\checkpwn.ymlexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
checkpwn | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/brycx/checkpwn
install metadata
| Package key | brew:checkpwn |
|---|---|
| Version | 0.6.0 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/checkpwn |
| Homepage | https://github.com/brycx/checkpwn |
| Repository | https://github.com/brycx/checkpwn |
| Upstream docs | https://github.com/brycx/checkpwn#readme |
| License | MIT |
| Source archive | https://static.crates.io/crates/checkpwn/checkpwn-0.6.0.crate |
| Build dependencies | rust |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | checkpwn |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
checkpwn
nix profile install nixpkgs#checkpwnsource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.