Pwned Passwords
Check if your password has appeared in known data breaches
Good news — no pwnage found!
This password wasn't found in any of the Pwned Passwords loaded into Have I Been Pwned. That doesn't necessarily mean it's a good password, merely that it's not indexed on this site.
Oh no — pwned!
This password has been seen 0 times before in data breaches!
This password has previously appeared in a data breach and should never be used. If you've ever used it anywhere before, change it immediately!
Why check for pwned passwords?
Password reuse is extremely common and puts your accounts at risk. When credentials are exposed in data breaches, attackers can use these known email and password combinations to access your other accounts.
NIST guidelines specifically recommend checking user passwords against previously breached datasets. This service provides a simple, secure way to comply with these guidelines.
The dangers of password reuse
Credential Stuffing
Attackers automate login attempts using leaked credentials from other sites, exploiting password reuse habits.
Data Breaches
Large-scale breaches expose millions of passwords, which are often used across multiple services.
Password Patterns
Even when users modify passwords between sites, attackers can easily predict common patterns.
Reliable Service Performance
Monthly Requests
Cache Hit Ratio
Edge Locations
Globally Distributed Performance
Our password checking service handles over 13 billion requests monthly, delivered through Cloudflare's global network for high availability.
With a cache hit ratio over 99.9%, the service provides lightning-fast responses regardless of your location, ensuring a seamless experience when checking password security.
The service is delivered via 335 edge locations distributed across 125+ countries, minimising latency for users worldwide.
API & Integration
API Access
Integrate Pwned Passwords into your own applications with our freely available API. Prevent users from selecting vulnerable passwords and improve your security posture.
Download & Integrate
The best way to get the most up-to-date passwords is via the API. Alternatively, use the free and open source Pwned Passwords downloader to take the entire corpus offline and run it yourself.
Partners

Powered by Cloudflare
The Pwned Passwords service is made possible by Cloudflare's generous support. They provide the global infrastructure to serve billions of requests securely and efficiently.
Password Management
Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.
Support This Service
Have I Been Pwned is a free resource for the entire community. If you find this service valuable, please consider supporting it with a donation.