You can check whether a password has appeared in a previous data breach at haveibeenpwned.com/passwords. The only issue is, of course, that you have to enter your password to find out if it’s been in a breach. I built a tool that uses homomorphic encryption to perform these lookups completely privately. Here’s why I built it, and an explanation of how it works. When “k-anonymity” isn’t enough HIBP uses a simple technique called “k-anonymity” to avoid sending the full hash of you...
