Password ToolsAvailable

Password Leak Check

Check if your password has appeared in known data breaches using the Have I Been Pwned API. Only the first 5 characters of your password's SHA-1 hash are ever sent — your password never leaves your device.

k-Anonymity protected. Your password is hashed with SHA-1 in your browser. Only the first 5 hex characters (out of 40) are sent to the server, which forwards them to the HIBP Pwned Passwords API. The full hash — and your password — are never transmitted.

Password to check

Breach data provided by Have I Been Pwned (Troy Hunt). This tool uses the Pwned Passwords range API which implements k-anonymity so your password is never exposed.