Short answer: Yes. We don't collect or store the passwords you enter on this site. (Keep reading for more information and technical details.)
To start with, we'll explain how the site works. We use two third-party solutions to check passwords. Both have an excellent reputation among cybersecurity pros.
The first solution is an algorithm that we use to check passwords for resistance to brute-force attacks. This tool allows us to quickly calculate the approximate time it would take to brute-force the password on an average PC. The algorithm factors in the use of dictionaries and lists of common combinations of characters in English. Rest assured, the password you enter is not sent or saved anywhere.
The second solution is Have I Been Pwned, which matches the entered password against databases of leaked accounts. Have I Been Pwned was created by renowned cybersecurity expert Troy Hunt, and it has become the de facto industry standard in recent years for checking passwords and accounts for leaks. The site hosts one of the most comprehensive and regularly updated collections of leaked accounts in the world.
Does Have I Been Pwned secretly harvest users' passwords? Very unlikely, but just in case, we do not directly hand over the password that you enter. Instead, we use a so-called password hash — an encrypted value that can be used to check for the presence of a database entry, but not to calculate the password itself (at least, not without extreme difficulty). Learn more.
What's more, we regularly check the security of our website and use secure data transfer (SSL/TLS).
Some browsers may offer to save the password you enter on the site, or use one already saved for this domain (for example, for My Kaspersky). We do not recommend saving passwords in the browser, because it is not the most reliable storage method.
Okay, let's hypothetically assume that, despite the above security measures, someone is able to intercept the password you enter. To use it, they would also need to know your username. Without that, the password itself is useless.
It analogous to losing your house key somewhere on a busy highway in another country. Unless the key has a tag with your address or some other identifier, losing it does not threaten the security of your home. Ditto for passwords.
To be sure of your anonymity, visit the site in incognito mode (supported by all popular browsers). And it's a good idea to use a VPN.
Here's how to come up with an unbreakable password:
And to avoid having to remember lots of passwords and log in every time, use a password manager. For example, try Kaspersky Password Manager.