1password say password is on haveibeenpwned.com - haveibeenpwned.com can't find it!

clearbrian
clearbrian
Community Member
edited May 2019 in 1Password in the Browser

Hi
I installed the latest Chrome for Mac 1Password extension.
I did a search by email address e.g. cloud@mydomain.com NOT REAL JUST EXAMPLE
And red label says this password found on haveibeenpwned.com
But when I go to haveibeenpwned.com email address not found?

Which one is wrong?

1Password Version: Version 6.8.8 (688001)
Extension Version: 1.15.1
OS Version: MacOs 10.14.4 Mojave
Sync Type: 1pwd account

Comments

  • troyhunt
    troyhunt
    Community Member

    1Password is saying that the password has been seen in a previous data breach. Have I Been Pwned is saying that the email address hasn’t been seen in a breach. It’s likely someone else used the same password and it appeared in a breach.

  • rudy
    rudy

    @clearbrain,

    @troyhunt has pegged this one exactly. The password itself was found in one of the haveibeenpwned.com breach datasets, and the website shows that it wasn't your specific email address combined with that password that was in a breach. While your specific combination isn't compromised here, it's still probably a good idea to pick a different password for this account since at least one other person in the world has chosen that exact same password.

This discussion has been closed.