Question 1

Do you store my password?

Accepted Answer

No. This tool checks locally in your browser and never stores your password. For online checks, it uses k-Anonymity so your full password is never sent.

Question 2

How does the privacy-first check work?

Accepted Answer

Your password is hashed in your browser (SHA-1). Only the first 5 characters of the hash are sent to the breach API. The API returns matching hash suffixes, and your browser checks locally for a match.

Question 3

What does it mean if my password is found?

Accepted Answer

It means the password (or its hash) appears in known breach datasets. You should change it everywhere you used it and enable multi-factor authentication.

Question 4

Is this the same as checking if my email was breached?

Accepted Answer

No. This checks password exposure only. Email breach checks are a separate tool.

Password Leak Checker

How privacy works

If your password is found