Visit our website

Cleartext Credentials API

Previously named the "Raw Passwords API" - retrieve all compromised passwords in cleartext for a username

The Cleartext Credentials API allows you to lookup all the compromised passwords Enzoic has for a given user. The passwords are returned in cleartext, if available, or in the raw hash format that was recovered if not (e.g. MD5, SHA1, BCrypt, etc.). This API is extremely sensitive and restricted to organizations that pass extensive vetting. Please contact sales if you believe you have an appropriate use case for this API.

Query all cleartext passwords for a given email address.

Returns a list of passwords in the Enzoic database for a given email address.

GEThttps://api.enzoic.com/v1/cleartext-credentials
Authorization
Query parameters
Response

Passwords for the user were found in the Enzoic database and are included in the response

Body
passwordsarray of CleartextCredentialsPasswordItem (object)

An array of passwords which were found for this user.

lastBreachDatestring (date)

A string containing the date/time of the last credentials exposure found for this account. This can be used to more intelligently check credentials for a user, i.e. if the lastBreachDate is less than the last time you performed a credentials check, you can skip the remaining steps.

Request
const response = await fetch('https://api.enzoic.com/v1/cleartext-credentials', {
    method: 'GET',
    headers: {
      "Authorization": "basic <token>"
    },
});
const data = await response.json();
Response
{
  "passwords": [
    {
      "password": "password123",
      "salt": "text",
      "exposures": [
        {
          "id": "57dc11964d6db21300991b78",
          "title": "funsurveys.net",
          "entries": 5123,
          "date": "2015-05-01T00:00:00.000Z",
          "category": "Manufacturing",
          "source": "Cybercrime Forums",
          "passwordType": "Cleartext",
          "exposedData": [
            "Emails",
            "Passwords"
          ],
          "dateAdded": "2016-09-16T15:36:54.000Z",
          "sourceURLs": [
            "https://www.someplace.com"
          ],
          "domainsAffected": 683,
          "sourceFileCount": 1
        }
      ]
    }
  ],
  "lastBreachDate": "2022-12-10T02:05:03.000Z"
}

Query all cleartext passwords for a users in a given email domain.

Returns a paginated list of credentials in the Enzoic database for all users under a given email domain. This variant of the call takes a domain (e.g. enzoic.com) and returns a list of emails and recovered passwords for any email address we've found credentials for in that domain.

GEThttps://api.enzoic.com/v1/cleartext-credentials-by-domain
Authorization
Query parameters
Response

The call was successful and all matching credentials are in the response

Body
countinteger

The total number of users exposed for the requested domain. If this exceeds the requested page size, the results are paginated and a pagingToken will be present in the response.

pagingTokenstring

Present when there are additional pages of results available. Pass this token in on a subsequent call to fetch the next page of results.

usersarray of object

An array of credentials found under this domain, grouped by email address.

Request
const response = await fetch('https://api.enzoic.com/v1/cleartext-credentials-by-domain', {
    method: 'GET',
    headers: {
      "Authorization": "basic <token>"
    },
});
const data = await response.json();
Response
{
  "count": 1,
  "pagingToken": "598e5b844eb6d82ea07c5783",
  "users": [
    {
      "username": "sample@email.tst",
      "passwords": [
        {
          "password": "password123",
          "salt": "text",
          "exposures": [
            {
              "id": "57dc11964d6db21300991b78",
              "title": "funsurveys.net",
              "entries": 5123,
              "date": "2015-05-01T00:00:00.000Z",
              "category": "Manufacturing",
              "source": "Cybercrime Forums",
              "passwordType": "Cleartext",
              "exposedData": [
                "Emails",
                "Passwords"
              ],
              "dateAdded": "2016-09-16T15:36:54.000Z",
              "sourceURLs": [
                "https://www.someplace.com"
              ],
              "domainsAffected": 683,
              "sourceFileCount": 1
            }
          ]
        }
      ]
    }
  ]
}

Query all cleartext passwords for a user by providing a partial hash of their email address.

Returns a list of passwords in the Enzoic database for a given email address. This variant of the call takes a partial SHA-256 hash of the email being checked and returns passwords for all possible candidate matches. Unless you need to pass only partial hashes for compliance purposes, we recommend using the exact match /cleartext-credentials variant for better performance.

GEThttps://api.enzoic.com/v1/cleartext-credentials-by-partial-hash
Authorization
Query parameters
Response

The call was successful and any matching candidate users are in the response

Body
candidatesarray of object

An array of possible matching users for the partial hash provided. Check the usernameHash property in each candidate to determine if it was a full match.

Request
const response = await fetch('https://api.enzoic.com/v1/cleartext-credentials-by-partial-hash', {
    method: 'GET',
    headers: {
      "Authorization": "basic <token>"
    },
});
const data = await response.json();
Response
{
  "candidates": [
    {
      "usernameHash": "abcabcab397b5155417038a5f33d31ec083d1e848ff3b69110005f1181eaa435",
      "lastBreachDate": "2022-12-10T02:05:03.000Z",
      "passwords": [
        {
          "password": "password123",
          "salt": "text",
          "exposures": [
            {
              "id": "57dc11964d6db21300991b78",
              "title": "funsurveys.net",
              "entries": 5123,
              "date": "2015-05-01T00:00:00.000Z",
              "category": "Manufacturing",
              "source": "Cybercrime Forums",
              "passwordType": "Cleartext",
              "exposedData": [
                "Emails",
                "Passwords"
              ],
              "dateAdded": "2016-09-16T15:36:54.000Z",
              "sourceURLs": [
                "https://www.someplace.com"
              ],
              "domainsAffected": 683,
              "sourceFileCount": 1
            }
          ]
        }
      ]
    }
  ]
}
PreviousHashed Credentials APINextTest Accounts

Last updated