[estroz]

There is no reason to trust this service over Troy Hunt's API. In fact I would use his API if I could guarantee that I wouldn't hit the rate limit too easily, as I'd rather not come across as a spammer. I would reach out to him if I did end up using his API. A library seems to be a good (and more secure) alternative to a service, and is a path I will consider if I decide to start this project.

On your comment about sending hashed creds: credentials would have to be sent to some server hosting the database, as the database would be quite large (for example, there are ~500 million password hashes in Troy Hunt's V2 release). That is the only networked component of the proposed service. Everything else would indeed be done client-side (with the current feature set).