Skip to main content
Kent·TechSupport
§ 01Free tool

Has my password been in a breach?

Check the strength of a password and look it up against more than a billion known leaked passwords. The password never leaves your browser. No sign-up, nothing stored.

Start checking

The password stays in your browser. We only send the first five characters of a one-way SHA-1 hash to the breach database. Nothing identifying is logged.

Never enter a password from an account that currently matters into any tool you do not fully trust. Tap Hide if anyone is looking over your shoulder.

§ 03How it works

Your password never leaves your browser.

The breach lookup uses the same trick Have I Been Pwned offers to apps that care about privacy. Called k-anonymity. It works like this.

  1. 01

    Hash in your browser

    Your password is turned into a one-way SHA-1 hash on your device. The original password is never sent anywhere.

  2. 02

    Send five characters

    Only the first five characters of that hash leave your browser. Nothing identifying, nothing reversible.

  3. 03

    Receive many matches

    The breach database returns every hash that shares those five characters. Usually a few hundred.

  4. 04

    Compare locally

    Your browser checks the rest of the hash against the list. Match means breached. No match means clean.

The breach data comes from Have I Been Pwned, a free service run by Australian security researcher Troy Hunt. The same database sits behind 1Password, browsers' built-in password warnings, and most reputable password managers.

§ 04

Found in a breach? Here is what to do

  1. 01

    Change it everywhere

    Anywhere you used this password, change it. Start with email and banking. A password manager makes this five minutes of work, not an afternoon.

  2. 02

    Turn on two-factor

    On the accounts that matter (email, banking, Microsoft 365, social). Authenticator apps are stronger than SMS. Most apps have it under Security or Sign-in.

  3. 03

    Stop reusing

    A unique password per account is the single biggest security upgrade most people can make. Pick a password manager and let it generate them.

If your business is exposed and you want help sorting it properly, tell us what is going on. We help with password manager setup, MFA rollouts and the boring after-work that actually stops it happening again.

§ Useful next

§ 05 · Get in touch

Need a hand sorting security properly?

Password managers, multi-factor authentication, backups that actually work. Talk to a real person and we will help you put it together without scare tactics.

Talk about securityOr call 07440197197
CallSend a note