Improve your online security by preventing password reuse and phishing.

Download Shield
Shield screenshot

What does it do?

When you reuse your password across multiple sites, you open yourself up to password hackers that can steal your financial and identity data. Shield alerts you whenever you use the same password on multiple sites, and gives you a clear path to take charge, change those passwords, and make your online identity more secure.

Shield also checks each webpage you visit and validates that you’re in the right place. It detects when a lookalike website is trying to steal your password and alerts you right on the screen.

Password hackers are getting more sophisticated every day - from a simple malicious link in an email to actually intercepting your SMS texts, it’s more important than ever to have good password health.

How does it work?

Each time you sign into a website, we look at the website address and password used and search for a match against a cache of the websites you have previously signed into. If we detect a weak or reused password, a notification on the screen appears, advising you to change the password for the website.

Using a secure, one-way hash, passwords are stored locally in your browser. The sites you visit and the password hashes are never tracked back to a server.


Shield has been carefully developed with privacy as one of its guiding principles. It does not use cookies, track your website usage, or utilize any other information that could be used to identify you.

See our Privacy Policy for more detail.


The enterprise version of Shield (coming soon) simplifies the process of company-wide deployment and provides administrator alerts when password reuse or phishing is detected.

In enterprise mode, a login button is visible that lets users sign in so that administrators can be alerted to users that have bad password hygiene.

Eeterprise version - Dashboard