PassGuard Check Your password security toolkit
Bearded male developer in headphones coding on a laptop in a modern office setting. Photo: cottonbro studio / Pexels

About PassGuard Check

PassGuard Check is an independent, free-to-use online tool that helps people understand and improve their password security. Everything you type into the tools stays inside your browser — no accounts, no tracking of what you type into the tools, no selling of data. The site does use Google AdSense for advertising — see our Privacy Policy for details.

This site exists because most people don’t have weak passwords because they don’t care. They have weak passwords because the advice they get is contradictory, intimidating, or quietly designed to sell them something. PassGuard Check tries to fix that with plain-English explanations, a strength tester that actually shows you why something is weak, and recommendations that aren’t bought.

Who’s Behind This Site

PassGuard Check is built and maintained by Carlo van Leeuwen, a Lead Support Engineer based in the Netherlands.

I’ve spent close to three decades in IT. I started in 1997 selling and installing computer systems, moved through years of network administration across VoIP, Windows Server, and Linux environments, and these days my work centers on the parts of IT where infrastructure and security meet.

In my current role I’m responsible for:

A pattern I see again and again across thousands of endpoints: the vast majority of security incidents don’t involve clever attackers. They involve weak passwords, reused passwords, and credentials that should have been rotated years ago.

PassGuard Check actually started as a tool I built for myself and my team. In our work we have to create a lot of passwords for customers — and after enough of them, the limits of human imagination kick in pretty quickly. Over the years I accumulated a collection of scripts, methods, and bookmarked websites to help with this; each useful in its own way, none of them quite right on their own. PassGuard Check is what happened when I consolidated all of that into a single place. It was built first for daily use inside our team, and then opened up to anyone else who runs into the same problem.

How to verify who I am

PassGuard Check is a personal project — not a company. I’m not selling consulting services, courses, or a SaaS product.

What This Site Is

The site has three core areas:

Tools. A password strength tester, a passphrase analyzer, and a secure password generator. All three run entirely in your browser — your inputs never leave your device. You can verify this yourself by opening your browser’s developer tools (Network tab): nothing fires when you type.

Security Guide. A longer-form walkthrough of what actually makes a password strong in 2026, what attack types exist, and why the industry’s recommendations have shifted (length now matters more than complexity — and there’s a precise reason).

Resources & Blog. Curated links to organizations and tools I genuinely trust (NIST, OWASP, Have I Been Pwned), an honest recommended password manager list with pros and cons rather than affiliate-friendly bullet points, and articles on practical password hygiene written for people who don’t have time for whitepapers.

Editorial Standards

You have every right to ask how content on this site is produced, especially in 2026 when half of what you read online is machine-generated.

Research. Articles are researched against primary sources where possible: NIST publications, OWASP guidance, breach post-mortems, security researchers’ published work. I don’t rewrite other blogs.

AI assistance, with human oversight. I use AI tools (large language models like Claude and ChatGPT) to help draft, structure, and proofread articles. Every article is reviewed, edited, and fact-checked by me personally before it’s published. AI is a tool here, not the author. If you spot an error, let me know — I’d rather correct it than pretend it isn’t there.

Independence. I don’t take money from password manager companies in exchange for favorable coverage. When I recommend Bitwarden, 1Password, or any other tool, it’s because of its architecture, its track record, or my own use of it. Where affiliate links are used, they are disclosed in the relevant article.

Updates. Password and authentication advice ages quickly — what was best practice in 2020 isn’t always best practice now. Long-form articles are reviewed at least once a year and updated when industry standards shift. The “Last updated” date at the top reflects the most recent meaningful revision, not just a typo fix.

What This Site Is Not

To be straight with you:

It’s not a password vault. PassGuard Check tests strength; it doesn’t store passwords. Use a real password manager (Bitwarden, 1Password, Proton Pass, KeePass, or similar) for that.

It’s not a breach monitoring service. For that, use Have I Been Pwned.

It’s not enterprise security advice. If you’re responsible for an organization’s credentials, please consult professional security advisors. The information here is for personal use.

It’s not an AI content farm. Every article is reviewed by a real person — me — with a real name, a real career, and a real email address.

It’s not entirely cookie-free. The site uses Google AdSense for advertising, which relies on cookies. However, the password tools themselves never transmit anything you type to any server.

Get In Touch

Questions, corrections, suggestions for topics, partnership ideas — all welcome.

I read every message, but it can take a few days to reply.