diff --git a/Gemfile b/Gemfile
index 87b5cb5..d7faec8 100644
--- a/Gemfile
+++ b/Gemfile
@@ -61,3 +61,5 @@ group :test do
 end
 
 gem "authentication-zero", "~> 3.0"
+# Use Pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]
+gem "pwned"
diff --git a/Gemfile.lock b/Gemfile.lock
index 04d2a28..4c9b6a0 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -104,7 +104,16 @@ GEM
 reline (>= 0.3.8)
 drb (2.2.1)
 erubi (1.13.0)
+ ffi (1.17.0-aarch64-linux-gnu)
+ ffi (1.17.0-aarch64-linux-musl)
+ ffi (1.17.0-arm-linux-gnu)
+ ffi (1.17.0-arm-linux-musl)
+ ffi (1.17.0-arm64-darwin)
+ ffi (1.17.0-x86-linux-gnu)
+ ffi (1.17.0-x86-linux-musl)
+ ffi (1.17.0-x86_64-darwin)
 ffi (1.17.0-x86_64-linux-gnu)
+ ffi (1.17.0-x86_64-linux-musl)
 globalid (1.2.1)
 activesupport (>= 6.1)
 i18n (1.14.5)
@@ -176,6 +185,7 @@ GEM
 public_suffix (6.0.1)
 puma (6.4.2)
 nio4r (~> 2.0)
+ pwned (2.4.1)
 racc (1.8.1)
 rack (3.1.7)
 rack-session (2.0.0)
@@ -349,6 +359,7 @@ DEPENDENCIES
 jbuilder
 letter_opener
 puma (>= 5.0)
+ pwned
 rails (~> 7.2.0)
 rubocop-rails-omakase
 selenium-webdriver
diff --git a/app/models/user.rb b/app/models/user.rb
index 20ccbba..0a0fd6a 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -13,6 +13,7 @@ class User < ApplicationRecord
 validates :email, presence: true, uniqueness: true, format: { with: URI::MailTo::EMAIL_REGEXP }
 validates :password, allow_nil: true, length: { minimum: 12 }
+ validates :password, not_pwned: { message: "might easily be guessed" }
 normalizes :email, with: -> { _1.strip.downcase }
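Review bot: `gem "pwned"` is added to the Gemfile without a version constraint, while the neighbouring `gem "authentication-zero", "~> 3.0"` is pinned; the lockfile hunk resolves it to 2.4.1, so `gem "pwned", "~> 2.4"` would match the file's style and stop a later `bundle update` from silently moving to a new major of a gem that sits on the password path. The new comment could also state that the check is not local: the validator contacts the Pwned Passwords service over HTTPS at validation time, so outbound network access, request timeouts and the validator's behaviour when the service is unreachable become part of the application's security posture, e.g. `# Validation calls the Pwned Passwords API over HTTPS; review timeout and on_error handling for offline/degraded environments`. The many ffi platform entries added in the Gemfile.lock hunk do not appear as a dependency of `pwned (2.4.1)`, so they presumably come from a separate platform-lock step rather than from this gem; worth confirming so the lockfile change stays reviewable. The user.rb hunk that wires the `not_pwned` validator is cut off at the end of this chunk.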