Prevent Pwned Passwords

Prevent Pwned Passwords

Checks password hashes against Have I Been Pwned and displays a notification if the hash has been leaked in a breach.

What is Prevent Pwned Passwords?

Prevent Pwned Passwords is a Firefox add-on by Chris Wilson. This add-on has 87 daily active users and an average user rating of 3.00. The latest version, 1.0.0, was updated 5 years ago.

Stats date:
Users: 87 ▲ 1
Rating: 3.00 (3)
Version: 1.0.0 (Last updated: 2017-10-29)
Creation date: 2017-10-29
Weekly download count: NaN
Firefox on Android: Yes
Manifest version: 2
  • notifications
  • storage
  • contextMenus
  • tabs
Size: 49.37K
Email: Click to see
Risk impact: High risk impact
Risk likelihood: Low risk likelihood
Found a bug?

Other platforms

Not available on Chrome
Not available on Edge
Prevent Pwned Passwords helps make sure you don't use any password that's known to have been part of a data breach. If you try to use a password that's known to have been compromised, you'll get an alert.

You can choose to run it whenever you enter a password on any site, whenever you enter a password on a "Create Account" page, or only when you choose to check a password from a context menu. You can also whitelist sites, giving you greater control over what passwords are checked.

This extension hashes your password and securely checks that hash against a database of hashes known to be breached. If it's been involved in a past breach (of any account across hundreds of sites), it notifies you so you can change your password.

Note that the only data ever transmitted is a password hash. We never send a clear-text password or any identifiable information like a username or a URL.

This extension uses the Have I Been Pwned service.
Risk impact

Prevent Pwned Passwords requires a number of risky permissions that can potentially harm your browser and steal your data. Exercise caution when installing this add-on. Review carefully before installing. We recommend that you only install Prevent Pwned Passwords if you trust the publisher.

Risk impact measures the level of extra permissions an extension has access to. A low risk impact extension cannot do much harms, whereas a high risk impact extension can do a lot of damage like stealing your password, bypass your security settings, and access your personal data. High risk impact extensions are not necessarily malicious. However, if they do turn malicious, they can be very harmful.

Risk likelihood

Prevent Pwned Passwords has earned a fairly good reputation and likely can be trusted.

Risk likelihood measures the probability that a Firefox add-on may turn malicious. This is determined by the publisher and the Firefox add-on reputation on Firefox Browser Add-ons, the amount of time the Firefox add-on has been around, and other signals about the Firefox add-on. Our algorithms are not perfect, and are subject to change as we discover new ways to detect malicious extensions. We recommend that you always exercise caution when installing a Firefox add-on, especially ones with higher risk impact and/or higher risk likelihood.

Subscribe to the premium plan to see more risk analysis details