Check if the password is already in compromised data, source haveIbeenpwned
Thanks to awesome Troy hunt, this is based on APIV2 of Have I been passwords k-anonymity check. https://haveibeenpwned.com/API/v2#PwnedPasswords Steps: 1. Enter your password. 2. Before hitting submit, click on the link Check password(Source ...) 3. It hashes at sends (5 character) to the backend, and then compares locally the hash. 4. If it is found alerts saying password found in dump, else not found. Caution: It's alpha version, need to polish it.