Techlogia — AI and Web Development Berlin

Free tool · techlogia.de

Has your password been leaked?Find out.

Check in seconds whether your password appears in a known data breach. Your password never leaves your browser – nothing is sent and nothing is stored.

0

passwords sent

5

characters to the API

$0

cost · no account

~1s

to the result

Hashed in your browser only — nothing is sent or stored

Don't take our word for it: press F12, open the developer tools, "Network" tab — you'll see that only the 5 characters leave your browser when you check.

No cookie · no localStorage · no password and no hash sent to our server — only an anonymous total count of checks is kept

How it works

Your password stays with you (k-anonymity)

01

Hash in the browser

Your password is hashed locally with SHA-1 – right in your browser, without any transmission.

02

Send only 5 characters

Only the first 5 characters of the hash go to the Pwned Passwords API. Your password cannot be reconstructed from them.

03

Local comparison

The API returns all matching hash endings. Your browser compares the rest locally – the API never learns the result.

04

Clear result

You instantly see whether and how often the password appeared in breaches – red on a hit, green when not found.

Privacy

Why this is safe

This check uses the k-anonymity method of the "Have I Been Pwned" database. The principle: nobody – neither Techlogia nor the API provider – ever sees your password or the full hash.

We deliberately check passwords only, not email addresses. An email breach check would transmit personal data and require an API key – which we don't want.

Why SHA-1?

Here SHA-1 is only the lookup format of the HIBP database — not for storing passwords. The known collision weaknesses of SHA-1 are irrelevant for this comparison: the point is simply to match your hash against the breach list without revealing it in full.

When you check, your browser contacts the service "Have I Been Pwned" directly (via Cloudflare) — transmitting your IP address. Exactly what is sent, on what legal basis and with which third-country implications is described in our privacy policy.

Your password never leaves your browser – it is only hashed locally.

Only 5 characters of the hash go to the API – reconstruction is impossible.

Techlogia stores nothing: no password, no hash, no log.

No account, no API key, no tracking – completely free.

Open, verifiable method, observable from your browser.

Your password is discarded from the input field and memory immediately after hashing.

Nothing is stored in the browser — no cookie, no localStorage, no history.

Get in Touch

Have a project?

Let's bring your idea to life together. We're happy to advise you with no obligation.

Get in Touch

How do you like this page?

Password Check — Has Your Password Been Leaked? | Techlogia