Companies can use the data in their back-end systems to improve password security. When someone registers a new account the provider can compare their chosen password with the list, and warn them if it's been compromised before. They can then be encouraged or forced to choose a more secure alternative.

Individuals can also play with the data online, although Hunt advises you don't check any passwords you currently use, for obvious security reasons. "The intention is to use that in a retrospective fashion," he writes in a recent blog post announcing the service.

"As well as people checking passwords they themselves may have used, I'm envisaging more tech-savvy people using this service to demonstrate a point to friends, relatives and co-workers: 'you see, this password has been breached before, don't use it!'" he says. "If this one thing I've learned over the years of running this service, it's that nothing hits home like seeing your own data pwned."

The service has largely been prompted by revised password guidance from the National Institute of Standards and Technology (NIST) and the UK's National Cyber Security Centre, which very clearly states providers shouldn't allow people to use a password that's been breached before. But with 306 million passwords now blacklisted, coming up with a suitable new one could take a while.