Free Password Strength Checker
Test how strong your password is and check if it has appeared in a known data breach. 100% private — nothing leaves your browser.
About this tool
A password's real strength isn't whether it has a capital letter and a number — it's how long it would take an attacker to guess it, and whether it has already leaked in a data breach. This free password strength checker estimates the realistic crack time of any password against modern GPU-based offline attacks, and checks it against billions of known breached passwords using the k-anonymity model, so your password is never sent anywhere in full.
Everything runs locally in your browser. Use it to sanity-check the passwords you rely on for email, banking, M-Pesa and work accounts — and if a password scores poorly or shows up in a breach, change it and switch to a password manager so you never reuse one again.
Frequently asked questions
Is this password checker safe to use?
Yes. Strength scoring happens entirely in your browser and nothing is uploaded. The breach check uses k-anonymity: only the first five characters of your password's SHA-1 hash are sent, never the password itself, so your password cannot be reconstructed.
What makes a password strong?
Length and unpredictability beat complexity. A long passphrase of several random words is far stronger and easier to remember than a short password with symbol substitutions. Above all, never reuse a password across sites.
What should I do if my password was found in a breach?
Stop using it everywhere immediately, change it on every account where you used it, enable multi-factor authentication, and move to a password manager that generates a unique password per site.