Check if your password has appeared in a known data breach
Breach Scanner
How It Works
🔒
Your password never leaves your device. Byakugan uses the k-Anonymity model — only the first 5 characters of your password's SHA-1 hash are sent to the HaveIBeenPwned API. The rest is matched locally in your browser.
⚡
How it works: Your password is hashed with SHA-1. The first 5 characters of the hash are sent to the API. The API returns all hashes starting with those 5 characters (~500 results). Your browser then checks locally if your full hash appears in the list — zero exposure, complete privacy.
🛡️
Database: Powered by HaveIBeenPwned — the world's largest breach database with over 10 billion compromised passwords. Updated continuously with new breach data.