Watchtower notifications

vadimm
vadimm
Community Member
edited February 2022 in Lounge

Hi,

Recently I installed 1password extension into my secondary browser and it suggested turning on Watchtower notifications. I remember exactly that I have already turned this on while installing 1password extension previously to another browser. I have two questions regarding that:
1) what are watchtower notifications? Is it when Watchtower sees that "previously we had 50 good passwords, now we have 51 good passwords. The number of good passwords increased"? Or is it when Watchtower finds vulnerable passwords in haveibeenpwned.com? But we must perform this look-up manually as far as I understand.

2) do I need to turn on Watchtower notifications every time I install the browser extension? Is it possible to enable Watchtower notifications globally for the account or is it a per-browser-based thing?

--
Thanks,
Vadim


1Password Version: Not Provided
Extension Version: 2.2.3
OS Version: Not Provided

Comments

  • Hey @vadimm:

    Watchtower performs three basic checks. The notifications option applies to Compromised Website warnings.

    • Compromised Website warnings: when a website announces a data breach publicly, we add it to our Watchtower database. The 1Password apps frequently check all your Login items against this database (in a privacy-preserving way, of course). If you have a Login with a website that was breached and your password has not been modified since the breach date, then Watchtower will warn you to change your password. Compromised Website warnings look like this screenshot. If you've enabled notifications, you'll get a device notification the next time you open 1Password.

    • Vulnerable Password warnings: if you've enabled the feature, the 1Password apps will check all your passwords against the Have I Been Pwned Passwords database, and let you know if the password in any of your items has been previously compromised (not necessarily in connection with your account). For example, this would immediately warn you if you changed your password to 123456, regardless of associated website.

    • 1Password Breach Report: you can manually run a Breach Report on 1Password.com anytime – that will check your 1Password account's email address against the full Have I Been Pwned database to check for any breaches you were involved in (possibly including ones that can't be tied to any specific website).

    As it currently stands, the Watchtower notification setting is not synced between 1Password apps, I can definitely see how it would be useful however. Thanks for your feedback on this!

    Jack

This discussion has been closed.