Check for pwned passwords

Check if the password is already in compromised data, source haveIbeenpwned

What is Check for pwned passwords?

Check for pwned passwords is a Chrome extension that allows you to check if your password has been compromised by comparing it to a database of compromised passwords from haveibeenpwned.com.

Download

Stats

By: modi.konark

View on Chrome Web Store

Users: 24 ▼ -3

Version: 0.4 (Last updated: 2018-02-23)

Creation date: 2018-02-22

Risk impact: High risk impact

Risk likelihood: Low risk likelihood

Manifest version: 2

Permissions:

http://*/*
https://*/*
tabs
activeTab
<all_urls>

Size: 50.77K

Stats date:

Chrome-Stats Rank

# 93766 ▼ 2304

Other rankings

#8596 in Developer Tools ▼ 173

Other platforms

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Summary

Analyze keywords

Thanks to awesome Troy hunt, this is based on APIV2 of Have I been passwords k-anonymity check. https://haveibeenpwned.com/API/v2#PwnedPasswords

Steps:

Enter your password.
Before hitting submit, click on the link Check password(Source ...)
It hashes at sends (5 character) to the backend, and then compares locally the hash.
If it is found alerts saying password found in dump, else not found.

Caution: It's alpha version, need to polish it.

Safety

Risk impact

Check for pwned passwords is risky to use as it requires a number of sensitive permissions that can potentially harm your browser and steal your data. Exercise caution when installing this extension. Review carefully before installing. We recommend that you only install Check for pwned passwords if you trust the publisher.