Compromised Websites: Old Passwords

leesweet

Love the new Compromised Websites functionality but why is it flagging password entries (as well as current logins)? I remember discussing this in another context where password records were supposed to be filtered out.

Ben

Hi @leesweet

I'm not sure why we would filter out password items, however, if these items are no longer relevant then it may make sense to delete them?

Ben

leesweet

The point was, by default, 1P saves them and flags them, as well (in the same list) the current website. What's the point of flagging the password entries? Are they the source of the 'history' in the website entry or is that separate? Seems like they shouldn't show up since you can't use them directly, correct?

Ben

The point was, by default, 1P saves them and flags them, as well (in the same list) the current website. What's the point of flagging the password entries? Are they the source of the 'history' in the website entry or is that separate?

One of their purposes is as a record for the password generator, until converted to a login. That is not their only purpose though. Also: what about cases where someone forgets or there is a glitch and the password item is never converted to a login? Wouldn't you still want to know if the site that password were for is compromised?

Seems like they shouldn't show up since you can't use them directly, correct?

You can. Obviously because they are lacking a username field they won't be able to fill your username, but they can fill your password. :)

Ben

leesweet

Yeah, I just think they aren't a 'compromised' site. So, if we don't need an old password, we can delete them from there, correct?

Ben

Correct. :)

Ben

leesweet

Gotcha, thanks much!

Ben

You're very welcome. If we can be of further assistance, please don't hesitate to contIf there is anything else we can do, please don't hesitate to contact us.

Ben