Check for pwned passwords
Check if the password is already in compromised data, source haveIbeenpwned
What is Check for pwned passwords?
Stats
Other platforms
Summary
Thanks to awesome Troy hunt, this is based on APIV2 of Have I been passwords k-anonymity check. https://haveibeenpwned.com/API/v2#PwnedPasswords
Steps:
- Enter your password.
- Before hitting submit, click on the link Check password(Source ...)
- It hashes at sends (5 character) to the backend, and then compares locally the hash.
- If it is found alerts saying password found in dump, else not found.
Caution: It's alpha version, need to polish it.
Safety
Risk impact
Check for pwned passwords is risky to use as it requires a number of sensitive permissions that can potentially harm your browser and steal your data. Exercise caution when installing this extension. Review carefully before installing. We recommend that you only install Check for pwned passwords if you trust the publisher.
Risk likelihood
Check for pwned passwords has earned a fairly good reputation and likely can be trusted.
Similar extensions
Here are some Chrome extensions that are similar to Check for pwned passwords: