This is currently a beta feature. You can enable it in the settings on heylogin.app.
The Login Status box displays information about the security status of a login.
Leak Check
The password is checked against a large database of leaked passwords, and warns if a match is found. This ensures that logins never use known bad passwords that have been shown up in a data leak.
The database is accessed using a “private information retrieval” method, to ensure the password stays secure during the process.
Password Origin
Where available, heylogin shows where the password came from:
- Generated by heylogin means the password was generated inside heylogin
- Input by user, if the password was typed (or pasted) in manually by the user
- Import, if the password was part of an import
ℹ️ This information may not be available for logins older than February 2025, when the Login Status feature was introduced.
TOTP (2FA)
This status shows whether TOTP is supported by the login website or platform, or whether it is already enabled. For websites where the login is available, a link to the documentation is also displayed where available.