Testing all substrings of a password for basic auth with curl

I had to test a substring of a password for a weird authentication issue with a local client

$ pw=K8ZUCmecnQU5o84mHPCnNsAKS4EdONbsJDcV
$ i=32; while true; do url="http://admin:${pw:0:$i}@"; curl -f -s -w '%{http_code}' $url; i=$((i - 1)); echo -e "\n$url"; read; done

So with this script I press enter until I see a HTTP 200, then use that URL for logging in via a browser.