API to fetch data of all employees using weak passwords?
Is there any API that I can use to fetch information about my employees who are using weak passwords?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:Can I analyze data around passwords for my company
Comments
-
Hey @uzairahmed ,
This is our complete API: https://support.1password.com/command-line-reference/
Currently there's no way to retrieve weak passwords, you can only retrieve the password fields without any determination on whether they are weak or not. If you have some scripting experience, you can built a script that fetches all the passwords of a user and determines whether they are weak or not (e.g. with rules like "if password length < 12 then it is a weak password").
0 -
Thanks for bringing this up @uzairahmed because I was looking for something similar. @ag_yaron thank you for the recommendation on creating a script. Now remind me is there a way to purge these passwords from shared vaults? Now I am just thinking this through but I am thinking of "if password length <12, force user to update password".
0 -
@Kennyties If you have sufficient privileges/permissions in said shared vaults, you can do whatever you want with them.
However, keep in mind that deleting passwords that are currently in use by users (even if they are weak) might lock the users out of the account in question ;)
0 -
Thanks for clarifying :+1:
0 -
Hello @uzairahmed,
I was able to figure out this entire process.
Here are my steps:
1. I used the .\op list item of by using this command.\op list vaults --group "Group Name" | .\op get vault - | .\op list items| .\op get item - --fields website,username,password --format JSON |ConvertFrom-JSon |
2. I then saved the command as a variable then did a | format-table
3. Then I used a$variablename.where($_.password.length -lt 14})
The last portion of the .length -lt 14 gets password strings less than 14.
4. I then installed the ImportExcel module to save and open the file in excel automatically.
5. I then used this$VariableName.where({$_.password.length -lt 14}) |Get-Process | Export-Excel "File location" -Show
Let me know if you have any questions.
0 -
Thanks for sharing @Kennyties .
I think it is worth noting here that a password's strength is determined by more than just its length. If you have a 12 characters long password that was generated with our generator (including letters, digits and symbols), it would be extremely strong (dare I say quite uncrackable), as opposed to a 14 digits password that a person makes up. However, your solution here is a great way to enforce minimum requirements policy :)
0 -
Sounds good :+1:
0