1PX Watchtower
Hey,
Would it be possible to include an indicator that indicates to the 1P X icon that there is a message in Watchtower?
That there are compromised logins.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Something like that:
https://i.imgur.com/bjDCI6gl.jpgSo you know immediately that 1PX has a message for you.
And how does 1PX Watchtower check exactly compromised logins?
Does that mean that information is transferred from my vault?0 -
EDIT:
Ok i found the Informations:
https://support.1password.com/watchtower-privacy/#checking-for-vulnerable-passwords"The first time you use Watchtower, you can opt in to the Pwned Passwords service provided by haveibeenpwned.com."
I can not remember. Can I check if it is activated?https://support.1password.com/watchtower-privacy/#checking-for-compromised-websites
"1Password downloads Watchtower information from c.1password.com to check your websites on your devices."How often will this be updated?
And please translate Watchtower in 1PX in German. It is currently still in English.
That would be nice. :)In the Web Vault --> Click on Watchtower. The Site is in the German Translation wrong.
https://i.imgur.com/fSNRwPs.jpg0 -
Hello @blaxxz,
If you visit the Watchtower section on the web interface you should see an overview. If the vulnerable passwords section doesn't show a link with the text
Enable and run checkthen you've enabled it in the past. Both our own Watchtower database and Troy's haveibeenpwned are updated as needed, there isn't a schedule but just as new reports surface that should be included.0 -
And Troy's haveibeenpwned is safe to use for my Vault?
And then both databases are always used?0 -
Hello @blaxxz,
Just personally I trust and respect everything Troy has done, I'm a fan and consumer of his pod casts. Speaking on behalf of 1Password we would never have teamed up with him if we didn't feel safe doing so not only with our own data but our users as well. Of course we do still leave control with the user but if you check out the system first a hash of your real password is created and then only the first part of the hash is sent. So the result you get back reveals very little about your password and the same hash result gets returned for a large number of different actual passwords. It works because his service provides our client enough information to know for sure but does so only on your device even if in the web interface. Does that make sense?
That would result in both databases being used yes.
0 -
@littlebobbytables thank you :)
@brenty I hope that I could explain it understandably.
0 -
Hi @blaxxz,
If I was helpful and you found it useful then I'm happy :smile: If you have any other questions about any aspect of 1Password please do let us know.
0 -
@littlebobbytables I think i found a bug in 1PX with Watchtower.
I have send an eMail to the Support.0 -
Thanks! We'll continue the conversation via email. :)
ref: EZH-95594-442
0 -
Thank you. I Answered you. :)
0 -
Thanks for the update! We'll get back to you ASAP.
0 -
Does the watchtower in 1P also check the individual items as here in KeePass?
0 -
Watchtower checks Compromised Logins and Vulnerable Passwords in the apps, and also the registered email address in a 1Password membership account.
0
