Check Whether Your Accounts or Passwords Have Been Breached

A majority of the online accounts are protected by just a username and password. You can take further steps to tighten the security such as using two-step authentication and biometric verification. But even then you would not want to use a password that has already been compromised as a result of some hacking data dumps.

If you want to check whether one of your online accounts or the passwords have been breached, you can visit the website This website incorporates the data dumps from various hacking incidents from all over the world and you can search this single website to find out whether your email address or one of your passwords exists somewhere in those lists.

In order to check the email address, you can enter your email address and click on the pwned? button. It will display whether your email address exists somewhere in the data dumps. You can see the details about on how many sites that email address was posted on and how many beaching incidents it was involved in. You can do the same to check for your passwords. It will tell you whether your passwords have been part of a data breach incident.

Have I been pwned?

The website also offers API that can be used by programs and apps to access the pwned databases. There are already so many programs using it. For example, you can use a simple Python script from to check whether an email address has been part of these data breach incidents. The script is fairly easy to use and works on all operating systems.

Have I been pwned?

In case you find your email address or password breached through “Have I been pwned?”, you should change your password to a much more secure and stronger password. You can use our PassGen utility to generate a very strong password for your use.