allow the pwnd password query to show the sites/breaches the password was included in?
I have a relatively unusual password that I used to use widely. However, I stopped doing that years ago. It currently shows up in 6 breaches. I would love to know which sites still have it so that I can check/resurrect those accounts.
-
Eduardo R. commented
One could easily run a password dictionary through this kind of search and use each password found that was used in a given site with a username list/database easily found in the web and gain access to those accounts if they haven't changed their passwords yet.
The list of sites where your account was pwned should be enough to locate where a given leaked password was used, and the lists generally are linked to a specific source.
And last, your password may be shown as leaked because it's used by another person with another account in any website if it's weak and/or can be found in a dictionary, and that account was pwned too.
-
Holt commented
I have a very similar situation. I'd like this feature as well!