Password Leak Check
See if your password is on the most-leaked-ever list.
Your password never leaves your browser.
The list of leaked passwords is bundled into this page. The check is a local string match. No network call.
List size: 400 of the most-used passwords from public breach corpora.
About
Type a password and the tool checks it against a built-in list of the 10,000 most commonly leaked passwords from real breaches. Match means your password is already in attacker dictionaries and gets cracked instantly. The check runs in your browser. No password leaves your device, no API call, no logging.
How to use
- Type a password.
- See if it appears in the leaked list.
- Change it everywhere if it does.
FAQ
Does my password leave my browser?+
No. The list of leaked passwords is bundled into the page. Your password is checked locally. Nothing is sent anywhere.
Why only 10,000 passwords?+
Real breach databases are billions of passwords, which would mean an API call. The top 10,000 catches the vast majority of cracked passwords since attackers try common ones first. If your password isn't here, it doesn't mean you're safe, but it's a good first check.
What should I do if my password is on the list?+
Stop using it everywhere immediately. Generate a new random one for each account. Use a password manager so you don't have to remember them.