A privacy-conscious Streamlit app for checking whether passwords or emails appear in known breach datasets.
- Check passwords using HaveIBeenPwned's k-anonymity password API
- Check email breaches using HaveIBeenPwned API
- Query BreachDirectory for email/username breach records
- Send webhook alerts when leaks are detected
- Streamlit dashboard interface
- Raw passwords are not stored.
- Password checks use SHA-1 k-anonymity through HaveIBeenPwned.
- Email and username checks may be sent to external breach APIs.
- Secrets should be stored in
.envlocally or Streamlit secrets in deployment.
python -m venv password_leak_env
.\password_leak_env\Scripts\Activate.ps1
python -m pip install -r requirements.txt