The Password Check feature when enabled will send a password hash (often also called a digest) to a service to determine if a password has been breached.
When a password is found to exist in the database of breached passwords you will see a security alert like the one below.
Password check searches the database from the popular haveibeenpwned service.
See the security alert page for the action you should take when you see this alert.
To enable or disable the Password Check feature first scroll the menu and tap the Settings button.
Tap the Password Check button in the Security section.
Tap the Scan Database switch to disable the password check feature.
If you want to use an alternative service that conforms to the Hash Check API enter a server URL and tap the Update button.
Afterwards the password check feature will be disabled.
Tap the Scan Database switch again to enable the password check feature.