How Your Password Stays 100% Private

No logs. No tracking. No full password ever leaves your device.

Your Full Password Never Leaves Your Browser

Every calculation — hashing, checking, estimating — happens entirely in your browser.
We don’t have a server that sees your password. Ever.

k-Anonymity with HaveIBeenPwned (HIBP)

We use Troy Hunt’s official HIBP k-anonymity API:

  1. Your password → SHA-1 hash (done in your browser)
  2. Only the first 5 characters of the hash are sent to HIBP
  3. HIBP returns hundreds of matching hash suffixes
  4. We check locally if your full hash is in that list

Result: HIBP learns nothing about your actual password.
You remain completely anonymous and safe.

Brute-Force Estimator = Pure Client-Side Math

No API calls. No data sent.
Just counts your character types (lowercase, uppercase, numbers, symbols) and uses logarithmic math to estimate cracking time — all in your browser.

Privacy First. Always.

Built by Muhammad Husnain Zargar • No tracking • No logs • Open source vibes

← Back to Password Checker