# Credentials API The Credentials API allows you to securely lookup whether a given username/password combination exists in our database of compromised account credentials. The typical example where this API can be useful is on a website’s login form. As users login, you can check their credentials against this API to ensure that they have not been compromised. In the event that a user’s credentials have been exposed, you can force them to reset their password or take other corrective action. In this way, you can prevent cybercriminals from logging in using stolen credentials. The Credentials API offers two different options for checks: the Hashed Credentials API and the Cleartext Credentials API: * **Hashed Credentials API**\ This API employs a multi-step sequence where you hash your user's credentials locally and compare them against the results from the Enzoic database. It is highly recommended to use one of the pre-built [Enzoic Libraries](/enzoic-api-developer-documentation/libraries.md) and not attempt to utilize this API directly. * **Cleartext Credentials API**\ This API returns cleartext passwords for a given email address, allowing you to compare locally against the password you have for the user. While this API is easier to use and more flexible in terms of use cases, given the extremely sensitive nature of its data it requires extensive vetting and special permission to use. {% content-ref url="/pages/ZJQvnD3Kuq9GtxdpJypY" %} [Hashed Credentials API](/enzoic-api-developer-documentation/api-reference/credentials-api/hashed-credentials-api.md) {% endcontent-ref %} {% content-ref url="/pages/yT73lQmRVXwIHHJemA83" %} [Cleartext Credentials API](/enzoic-api-developer-documentation/api-reference/credentials-api/cleartext-credentials-api.md) {% endcontent-ref %} {% content-ref url="/pages/5SyovL8ZCy7rJLnRChHv" %} [Test Accounts](/enzoic-api-developer-documentation/api-reference/credentials-api/test-accounts.md) {% endcontent-ref %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/credentials-api.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.