Privacy-Preserving Tool

Password Breach Checker

Uses the HaveIBeenPwned k-anonymity API. Your password is hashed with SHA-1 locally. Only the first 5 characters of the hash are sent — the actual password never leaves your browser.

Show password

Password hashed client-side (SHA-1). Only the first 5 hex characters sent to HaveIBeenPwned API.