Have I Been Pwned Has a Free API — Check If Any Email Was in a Data Breach

Have I Been Pwned (HIBP) is the internet's largest database of breached credentials. Over 14 billion compromised accounts indexed. And part of their API is completely free. The Wake-Up Call A SaaS company discovered their users were reusing breached passwords. Not because they were hacked — because they checked. They integrated HIBP's password API into their registration flow. 23% of new passwords had already been exposed in data breaches. They added a simple warning: "This password appeared in a known data breach." Password reuse dropped by 80%. What's Free vs Paid Feature Cost What You Get Password check Free Check if a password hash exists in breaches Breach list Free Get all known breaches and their details Email check $3.50/mo Check if specific emails were breached The password API is the most useful — and it's 100% free. Check If a Password Has Been Breached HIBP uses a clever k-anonymity model. You send only the first 5 characters of the SHA-1 hash. Your actual password never le