Clipboard Sensitive Data Checker

Detect passwords, credit card numbers, SSNs, API keys, emails and phone numbers in your clipboard before you paste into a chat, email, or form. All checks run locally — zero data is sent anywhere.

Step 1 — Load clipboard or paste text manually

Private by design. Analysis runs entirely in your browser. Your text never leaves this page.

* Clipboard API not available — paste text manually above.

How it works

The checker scans your text with a set of pattern matchers, each targeting a different category of sensitive data. Every pattern runs entirely in JavaScript inside your browser — no network request is made at any point.

Password candidates Strings 16+ chars mixing uppercase, digit and symbol — a common strong-password profile.

Credit card numbers Matches 13–19 digit card numbers (Visa, MC, Amex, Discover) and validates them with the Luhn algorithm to cut false positives.

US SSN / JP My Number Detects the XXX-XX-XXXX Social Security format and the 12-digit Japanese Individual Number.

API keys & secrets Recognises common prefixes: sk- (OpenAI), ghp_/github_pat_ (GitHub), AKIA (AWS), xoxb-/xoxp- (Slack), AIza (Google), EAA (Meta), Bearer tokens.

Email addresses Standard RFC-style email detection. Flags as MEDIUM — emails alone may be acceptable in many contexts.

Phone numbers Matches E.164-style internation numbers and common US/JP formats. Flagged MEDIUM.

Frequently asked questions

Does this tool send my clipboard text to any server?: No. The entire check runs in client-side JavaScript inside your browser tab. You can verify this by turning on airplane mode and trying the tool — it still works perfectly because no network call is ever made. The source code of this page is the full implementation.
What does the Luhn algorithm check and why does it matter for credit card detection?: The Luhn algorithm (ISO/IEC 7812) is a simple checksum formula used to validate identification numbers, including credit card numbers. Every real card number passes Luhn; a random 16-digit string usually does not. Running Luhn on each candidate dramatically reduces false positives — for example, a tracking number or order ID that happens to be 16 digits would not be flagged unless it also passes the checksum.
Why would I have sensitive data in my clipboard without knowing?: It is easier than you think. You might have copied a password from a manager to paste it elsewhere, then copied something else — but the password is still in your clipboard history. Or a developer might copy a .env file snippet containing API keys. This tool is a quick sanity check before pasting into a chat message, a public issue tracker, a shared document, or a screenshot that could be posted online.