About

What is this?

This is a functional joke where you can check if your password has been in a internet leak. Inspired by ismycreditcardstolen.com

How does it work?

The technical details are a bit complex (technical explanation), but in short it does some magic calculations to your password and checks the result using the haveibeenpwned.com API to find out of if your password has been found in any leaked database. And it does it without ever transfering your revealing your password or any information about it to either me or haveibeenpwned.

So you are not stealing my password?

No I am not.

Is it safe to enter my password?

Yes*

*Technically, assuming everything works as it is perfectly safe, but I give no guarantees.

Is there a safer and more secure way I can test my password?

There are a few options, my recommendation is to use a Password Manager with built in support for checking your passwords. I use StrongBox, but other alternatives with same or similar functionality includes LastPass , KeyPass (with a plugin) or Google Password Manager

If you are technical and don't mind the terminal you could use a simple bash script like this https://github.com/DokterW/hibp-cli

If this is not serious, how did you get those nice looking certification badges?

I made them with Acorn and Inkscape as part of the joke. Troy explains things better than I do here

Who made this?

This website was made by [email protected], it builds upon work done of Felix Giffard and Troy Hunt but they have no affiliation to this site.

I don't think it's funny

That is fine, hopefully it is useful or funny to someone.

Go back and check more passwords!