I suggest you ...

Add search passwords by a hash value

Let users use pre-generated hash values to search. Yeah, I know you calculate hashes of typed passwords on a client side, but some people still prefer not to type their password on 3rd party sites.

15 votes
Vote
Sign in
(thinking…)
Password icon
Signed in as (Sign out)
You have left! (?) (thinking…)
Alexey Razumov shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

2 comments

Sign in
(thinking…)
Password icon
Signed in as (Sign out)
Submitting...
  • JE commented  ·   ·  Flag as inappropriate

    I can certainly understand a reluctance to enter passwords on third party sites, but it becomes a matter of who you trust. People enter passwords online all the time, and HIBP is a secure site. So, as long as they are not storing passwords in the clear, I don't see a reason to be concerned.

    Besides, I'm going to assume that the hashes generated client-side may contain a "salt" value and therefore, any hash entered manually by a user (without knowing the salt value) is unlikely to match what's in the HIBP database.

Feedback and Knowledge Base