Have I Been Pwned is a useful resource for finding out when you’ve been affected by a data breach, but it’s best to get ahead of the problem by making your accounts more secure.

Troy Hunt, the security expert behind Have I Been Pwned (HIBP), has released 306 million previously-pwned passwords in a bid to help individuals and companies ramp up their online security. The ...

That gets sent to the Pwned Passwords API and it responds with 475 hash suffixes (that is everything after "21BD1") and a count of how many times the original password has been seen.

Ali has blogged here about the approach he took, using a mathematical property called k-anonymity — and both Hunt and 1Password are using this method to enable password checks against Pwned ...