Check if your password has been exposed in known data breaches. Uses the Have I Been Pwned k-anonymity API.
Your password is SHA-1 hashed in your browser. Only the first 5 characters of the hash are sent to the API (k-anonymity). The full password never leaves your device.
Powered by Have I Been Pwned by Troy Hunt.
Uses k-anonymity model: only a 5-character SHA-1 prefix is transmitted. Learn more.