StrengthX is a password security intelligence tool that checks whether your password has been exposed in known data breaches via the HaveIBeenPwned API, then leverages a local Ollama LLM to analyze weaknesses and generate a stronger, secure alternative — combining real breach intelligence with AI-powered hardening.
StrengthX bridges real-world breach data with AI analysis to give users actionable, personalized password security recommendations. The tool uses SHA-1 hashing with k-Anonymity to query HaveIBeenPwned without ever sending the full password — preserving user privacy. The local Ollama LLM then dissects structural weaknesses and generates a unique, context-aware strong alternative.
Queries HaveIBeenPwned's database of over 9 billion compromised passwords using SHA-1 k-Anonymity — password never leaves your device in plaintext.
Ollama LLM analyzes entropy, predictability, common patterns, and dictionary risks — returning a detailed breakdown of why your password is weak.
The LLM generates a context-aware strong password based on your current pattern — making it memorable while maximizing security entropy.
k-Anonymity model ensures only the first 5 characters of the SHA-1 hash are sent — mathematically impossible to reverse-engineer the original password.
Real-time feedback within seconds — breach count, strength score, AI explanation, and generated alternative displayed in a single clean output.
Deployed on Railway for reliable, low-latency access with auto-scaling and zero-downtime deployments.
User enters their password. The plaintext never gets stored or logged — it's processed only in memory for the duration of the check.
The password is hashed with SHA-1. Only the first 5 characters of the hash are sent to the Pwned API — the full password never travels over the network.
The API returns all hashes matching those 5 characters. The app locally checks if your full hash is among them — and reports how many times it was breached.
The password is passed to a local Ollama-hosted LLM which evaluates entropy, patterns, length, and character diversity — generating a structured security report.
Based on the analysis, the LLM proposes a stronger password — maintaining user-friendly patterns while eliminating all identified vulnerabilities.