I was just testing with www.Leakedin.com for a possible breakup of my LinkedIn password. I gave my password and said it is leaked. But when I placed a random value, like dsfsfgfdsgsd it said hoorah!, not leaked. So, the onus is on the users, who don't want their passwords to be leaked, rather than depend upon someone to keep it safe.