Yes, you can. We don’t collect or store the passwords you enter on this site. We use the same tech to check them as you would find in Kaspersky Password Manager. You can find a detailed description with technical details below.
Furthermore, we constantly check our site’s security, and use a secure connection (SSL/TLS) to keep your data safe while being transmitted.
We check if your password can withstand brute-force attacks and hasn’t been exposed in any data breaches. Here’s how we do it, in detail.
First and foremost, we never transmit or store the password you enter. All checks happen locally on your end: your passwords never leave your device.
We don’t see your password either. Instead, we work with something called “password hash”: a scrambled, unique set of characters derived from your password. For example, if your real password is “qwerty12345”, after we “hash” it, it would look like this: 4e17a448e043206801b95de317e07c839770c8b8.
We assess how strong your password is by analyzing how long it would take to crack its hash with brute-force methods — trying every possible password to match the given hash.
When it comes to checking for leaks, we use that same hash. First, the hash is calculated locally on your device. Then, a part of the hash (say, the first half) is sent to Kaspersky servers. Reconstructing the source password from this part is impossible. The server then returns a list of all the compromised hashes that start with the same characters. If your hash matches one on that list, it means the source passwords match too. And the key thing is, your actual password never leaves your device during this process.
Thus, checking for leaks this way is totally safe for you.
Okay, let’s assume for a second that despite all the security measures we’ve laid out above, someone still somehow intercepts the password you entered on our site. To actually use it, they’d also need your username (login). Without it, the password itself is useless — it’s like losing your house keys somewhere on a busy highway in another country. If there’s no tag with your address or some other ID on those lost keys, your home isn’t really at risk. The same is true for your password.
Here’s what your password should be so it never gets hacked:
Some browsers may offer to save the password you enter on a site, or to auto-fill a password previously saved for another service on this domain, such as My Kaspersky. We advise against it, however: browsers don’t make for the most secure password storage.
And to avoid having to remember all your passwords yourself, get a password manager. You’ll only have to remember one main password, and Kaspersky Password Manager handles the rest. We offer a detailed explanation of how it works here.