Check Pwned Passwords

A secure, client-side password checker using k-Anonymity.

Password Check

How it Works

This tool uses the k-Anonymity model to securely check your password against the Have I Been Pwned database.

  • Your password is hashed locally using SHA-1.
  • Only the first 5 characters of the hash are sent to the API.
  • The API returns a list of all breached hashes starting with those 5 characters.
  • The full comparison happens locally in your browser.

Neither your password nor its full hash ever leaves this device.
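
The four steps above, as an added example for Node.js. It is not the check-pwnedpasswords package's own code. It assumes the Pwned Passwords range endpoint at api.pwnedpasswords.com; the function names are hypothetical, and the sample response is constructed so the local comparison runs offline.

```javascript
// Added example: k-Anonymity range check (function names are hypothetical).
const { createHash } = require('node:crypto');

// Constructed sample of a range response for prefix 5BAA6: "SUFFIX:COUNT" lines,
// CRLF-separated. Counts are made up; the count-0 line imitates a padding entry.
const SAMPLE_RANGE_BODY = [
  '0'.repeat(34) + '1:3',
  '1E4C9B93F3F0682250B6CF8331B7EE68FD8:42', // suffix of SHA-1("password")
  'F'.repeat(35) + ':0',
  'not-a-valid-line',
].join('\r\n');

// Step 1: hash locally; split into the 5-char prefix (sent) and 35-char suffix (kept).
function splitHash(password) {
  const hash = createHash('sha1').update(password, 'utf8').digest('hex').toUpperCase();
  return { prefix: hash.slice(0, 5), suffix: hash.slice(5) };
}

// Step 2: the URL carries the prefix and nothing else derived from the password.
function rangeUrl(prefix) {
  if (!/^[0-9A-F]{5}$/.test(prefix)) throw new Error('prefix must be 5 hex characters');
  return `https://api.pwnedpasswords.com/range/${prefix}`;
}

// Step 3: parse the returned suffix list, skipping malformed lines.
function parseRange(body) {
  const counts = new Map();
  for (const line of body.split(/\r?\n/)) {
    const m = /^([0-9A-Fa-f]{35}):(\d+)$/.exec(line.trim());
    if (m) counts.set(m[1].toUpperCase(), Number(m[2]));
  }
  return counts;
}

// Step 4: compare locally. Returns the breach count, or 0 if absent or padding.
function pwnedCount(password, rangeBody) {
  return parseRange(rangeBody).get(splitHash(password).suffix) ?? 0;
}

// Network variant (not exercised offline): fetch the range, then compare locally.
async function checkPassword(password) {
  const res = await fetch(rangeUrl(splitHash(password).prefix));
  if (!res.ok) throw new Error(`range request failed: ${res.status}`);
  return pwnedCount(password, await res.text());
}
```

A result of 0 means only that the suffix was not in the returned range; it says nothing about the password's strength.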

$ npm install check-pwnedpasswords