Import-CompromisedPasswordHashes
SYNOPSIS
Imports a file of NTLM hashes into the compromised password store
SYNTAX
DESCRIPTION
The Import-CompromisedPasswordHashes cmdlet will import a file containing newline-separated NTLM hashes into the compromised password store.
The NTLM password files from haveibeenpwned.com can be imported directly without modification using this cmdlet. Ensure you download the "sorted-by-hash" version of the file for the best import performance.
Note: Use the Sync-HashesFromHibp cmdlet to import the latest compromised password hashes directly from the haveibeenpwned.com API
EXAMPLES
Example 1
This example shows how to import a file of hashes, while allowing the cmdlet to determine the sort status and batch size
Example 2
This example shows how to import a file of hashes, while specifying that the file is not sorted and that the batch size should be 50 million items
PARAMETERS
-BatchSize
Specifies how many hashes to read from an unsorted file before committing to disk. This parameter has no effect on a sorted file.
In order to minimize the impact of memory usage when importing unsorted hashes, the hashes are read from the file and committed to the store in batches of this size. The larger the batch size, the faster the import, but the more memory is used. If left unspecified, the default value of 5,000,000 is used which provides an adequate balance of memory usage and speed.
-Filename
The path to the file containing the NTLM hashes to import. Each hash should be in hex format, be 32 characters in length, and each record must appear on a new line. The hash can optionally end with a colon and anything after the colon character is ignored.
-Sorted
A boolean value indicating if the hashes in the file are sorted in ascending order or not. The cmdlet will optimize the type of import it performs based on this parameter. A sorted file will allow a much faster import of data into the store. However, there is a significant penalty if you specify that the file is sorted when it is not. If this parameter is omitted, the cmdlet will guess which algorithm to use by reading the first 1000 lines of the file. If those first 1000 lines are all in order, a sorted import will be performed.
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
INPUTS
System.String
OUTPUTS
System.Object
NOTES
The following list shows the allowed formats. The hashes are not case sensitive.
8846f7eaee8fb117ad06bdd830b7586c 5835048ce94ad0564e29a924a03510ef:123 e22e04519aa757d12f1219c4f31252f4:3 e22e04519aa757d12f1219c4f31252f4:
RELATED LINKS
Last updated