by NoPicklez 2715 days ago
He has the "Pwned Password" search to allow you to narrow it down and he has a really good article that he links to explaining why despite its inconvenience.

If I were him I'd do the same. HIBP is a side project of his and I wouldn't be able to sleep at night knowing I had the responsibility of securing billions of email & password combinations.

At the risk of the breach of those accounts adding fuel to the credential stuffing fire and reducing his overall credibility when providing security advice which is his primary occupation.

Too risky.


I am not sure you should put too much confidence in the "pwned password" search.

I know one of the weak passwords I stupidly reuse everywhere was compromised, since I had someone buy something with my PayPal account. But it comes up as clean in the password search. So it was probably cracked from one of the leaked hashes, but the plain text was never entered into the public dumps.

Well one can't prove a negative, that is that your password _hasn't_ been leaked.

Knowing that - for sure - a password has appeared in a breach is very useful.

It would be impossible for the site to have every password ever compromised.

It can only check against a database of known password leaks.

There wouldn't be any inconvenience if your password manager did its job of helping you manage your passwords. 1Password has implemented a feature that helps you easily check all your passwords, I'm honestly surprised it's taking so long for the others to do too. The data is there, there's a super easy API, it doesn't take that much effort...
Enpass has such a feature too. I just had it check all my passwords in the light of this new breach.
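The "super easy API" the comment above refers to is the Pwned Passwords range lookup: the client hashes the password with SHA-1, sends only the first five hex characters of the digest to the server, gets back every suffix in that range with a count, and does the final match locally. The script below is an added example written for this page, not code from HIBP, 1Password or Enpass. It does not contact the real endpoint; the corpus and counts in FAKE_CORPUS are constructed for the demonstration, and fake_fetch_range stands in for the HTTP call. It also shows the caveat raised earlier in the thread: a count of zero only means the password is not in the corpus being checked, not that it has never leaked.

```python
import hashlib
from typing import Callable, Dict, Tuple


def sha1_hex(password: str) -> str:
    """Upper-case hex SHA-1 of the UTF-8 password, the form the range API works with."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def split_hash(password: str) -> Tuple[str, str]:
    """Return (prefix, suffix): the 5-char prefix that is sent to the server and the
    35-char suffix that never leaves the client (the k-anonymity split)."""
    digest = sha1_hex(password)
    return digest[:5], digest[5:]


def parse_range(body: str) -> Dict[str, int]:
    """Parse a range response of 'SUFFIX:COUNT' lines into {suffix: count}.
    Entries with a count of 0 (padding) are dropped so they cannot be mistaken for hits."""
    counts: Dict[str, int] = {}
    for line in body.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, _, count = line.partition(":")
        n = int(count)
        if n > 0:
            counts[suffix.upper()] = n
    return counts


def breach_count(password: str, fetch_range: Callable[[str], str]) -> int:
    """How many times the password appears in the corpus behind fetch_range.
    0 means 'not in this corpus', which is not the same as 'never leaked'."""
    prefix, suffix = split_hash(password)
    return parse_range(fetch_range(prefix)).get(suffix, 0)


# Constructed stand-in for the server side. Passwords and counts are made up
# for this example and are not real HIBP figures.
FAKE_CORPUS = {"password": 3730471, "123456": 23174662, "qwerty": 3912816}


def fake_fetch_range(prefix: str) -> str:
    """Offline substitute for GET /range/<prefix>: returns every corpus suffix in the
    requested prefix range plus one simulated count-0 padding line."""
    lines = []
    for pw, n in FAKE_CORPUS.items():
        p, s = split_hash(pw)
        if p == prefix:
            lines.append(f"{s}:{n}")
    lines.append("0" * 35 + ":0")  # simulated padding entry; real padding uses random suffixes
    return "\r\n".join(lines) + "\r\n"


if __name__ == "__main__":
    for pw in ("password", "correct horse battery staple"):
        prefix, _ = split_hash(pw)
        n = breach_count(pw, fake_fetch_range)
        verdict = f"seen {n} times" if n else "not in this corpus (not proof it is safe)"
        print(f"{pw!r}: only prefix {prefix} sent; {verdict}")
```

To run it against the real service, replace fake_fetch_range with a function that performs an HTTPS GET of https://api.pwnedpasswords.com/range/ followed by the prefix and returns the response body; the rest of the logic is unchanged, and the full hash still never leaves the machine.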