Updating Pwned Passwords Dataset

This article walks through updating our Pwned Passwords dataset in S3. The script downloads the Pwned Passwords file from Have I Been Pwned (17.2 GB at the time of writing) and then uploads it to the S3 bucket for the AWS environment you specify.

We have separate buckets for sandbox and production. To upload the file, follow the steps below.

Set environment variables for the S3 buckets:

export sandbox_bucket=[see handbook appendix]
export prod_bucket=[see handbook appendix]
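
Before running the script, it may be worth confirming that both variables are actually set in the current shell. The following is a minimal sketch of such a check; `check_bucket_vars` is a hypothetical helper, not part of `scripts/pwned-passwords.sh`, and it only tests that the variables are non-empty, not that the bucket names are correct.

```shell
# Hypothetical preflight helper; not part of scripts/pwned-passwords.sh.
# Returns 0 only if every variable named in the arguments is set and non-empty.
check_bucket_vars() {
  local missing=0 name value
  for name in "$@"; do
    # Indirect lookup of the variable whose name is stored in $name.
    eval "value=\${$name:-}"
    if [ -z "$value" ]; then
      echo "missing: $name" >&2
      missing=1
    fi
  done
  return "$missing"
}

# Example: check_bucket_vars sandbox_bucket prod_bucket
```

If the check fails, it prints the name of each unset variable to standard error, so you can re-export it before continuing.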

Download and unzip the file without uploading to S3:

./scripts/pwned-passwords.sh
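
Because the download is large and the unzipped file needs additional room, a free-space check before running the script can save a failed run. This is a sketch only: `has_free_gib` is a hypothetical helper, and the threshold you pass is your own estimate, since this article does not state the unzipped size or where the script writes its files.

```shell
# Hypothetical helper; not part of scripts/pwned-passwords.sh.
# Succeeds if the filesystem holding directory $2 (default: .) has at least $1 GiB free.
has_free_gib() {
  local need_gib="$1" dir="${2:-.}" avail_kb
  # df -P gives single-line POSIX output; -k reports 1024-byte blocks.
  # The fourth column of the second line is the available space.
  avail_kb=$(df -Pk "$dir" | awk 'NR == 2 { print $4 }')
  [ "$avail_kb" -ge $((need_gib * 1024 * 1024)) ]
}

# Example (the 40 GiB threshold is an assumption, adjust as needed):
# has_free_gib 40 . || echo "not enough free disk space" >&2
```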

Download and update the file in sandbox:

# sandbox
./scripts/pwned-passwords.sh -s

Download and update the file in production:

# prod
./scripts/pwned-passwords.sh -p