Endpoint: /search-by-password
Required Permissions: search-by-password
The Password Search endpoint allows you to search for compromised credentials using specific passwords. This endpoint is particularly useful for identifying weak password usage across your organization and detecting password reuse.
Detect common password usage
Find password reuse patterns
Identify weak passwords
Monitor default credentials
Track password policy violations
JSON
{
"passwords": [
"Password123!",
"Welcome2024"
],
"sort_by": "date_compromised",
"sort_direction": "desc",
"types": [
"employees",
"users"
],
"domains": [
"example.com"
],
"filter_credentials": true,
"start_date": "2024-01-01T00:00:00Z",
"end_date": "2024-12-31T23:59:59Z"
}Parameter Type Description Constraints passwords array[string] List of passwords to search 1-50 passwords
Parameter Type Default Description sort_by string "date_compromised" Sort by "date_compromised" or "date_uploaded" sort_direction string "desc" Sort direction: "asc" or "desc" types array[string] all types Filter by "employees", "users" domains array[string] [] Filter by specific domains filter_credentials boolean true Return only matched credentials start_date datetime null Filter results after this date end_date datetime null Filter results before this date
JSON
{
"passwords": [
"admin",
"password",
"default"
],
"types": [
"employees"
],
"sort_by": "date_compromised",
"sort_direction": "desc"
}JSON
{
"passwords": [
"Summer2024!",
"Winter2024!"
],
"domains": [
"example.com"
],
"types": [
"employees"
]
}JSON
{
"passwords": [
"Company2024!",
"Welcome@Company"
],
"domains": [
"company.com"
],
"filter_credentials": true
}
Check common variations
Include seasonal patterns
Monitor default passwords
Track policy-compliant patterns
Group related passwords
Monitor critical systems
Track temporal patterns
Analyze reuse patterns
Handle passwords securely
Encrypt communications
Limit access to results
Document searches properly
Python
async def search_passwords(passwords):
return await api.post('/search-by-password', {
'passwords': passwords,
'sort_by': 'date_compromised',
'filter_credentials': True
})
Python
async def analyze_password_pattern(base_pattern):
variations = generate_password_variations(base_pattern)
results = await search_passwords(
passwords=variations[:50], # Respect limit
types=['employees'],
sort_by='date_compromised'
)
return analyze_results(results)
Python
async def monitor_default_passwords():
common_passwords = load_common_passwords()
results = []
for batch in chunk_list(common_passwords, 50):
response = await search_passwords(
passwords=batch,
start_date=get_last_check_date()
)
results.extend(response.data)
return analyze_findings(results)
Status Cause Solution 400 Empty password Validate input 400 Too many passwords Reduce batch size to ≤50 408 Request timeout Reduce batch size 429 Rate limit exceeded Implement backoff
Sanitize passwords
Remove sensitive data
Handle special characters
Validate input length
Encrypt findings
Secure storage
Limit access
Audit usage
Document searches
Track patterns
Monitor usage
Secure communications
Password reuse
Common patterns
Policy violations
Temporal trends
Credential exposure
Account compromise
Password strength
Reuse impact
Password reset
Policy updates
User training
System hardening
Check against policy
Monitor violations
Track changes
Update requirements
SIEM integration
IDS/IPS updates
Access control
Threat intelligence
Alert generation
Case management
Response automation
Documentation
Batch requests
Cache results
Rate limiting
Error handling
Filter relevant data
Group findings
Analyze patterns
Generate reports
Default passwords
Policy violations
Mass reuse
New patterns
Search volumes
Pattern frequency
Error rates
Response times
Search justification
Result handling
Access control
Audit trails
Password encryption
Secure storage
Access logging
Retention policies
Data minimization
Purpose limitation
User notification
Rights management
