Check whether a password has appeared in known data breaches, using k-anonymity: the password is hashed locally and only a 5-character hash prefix is sent upstream, so the plaintext is never transmitted, logged or stored. Accepts a password, a SHA-1 hash or an NTLM hash. Returns compromised, breach_count and the hash prefix. Credential-exposure indicators, not a guarantee.