Feature Request - Analytics of Password Utilization to Prioritize Security Improvements
To make the world a safer place for everyone, and to promote a culture of representing better security as achievable/realistic, I propose a method of prioritizing passwords that should be changed or enhanced.
For anyone starting to use a password manager or importing from another tool, I don't believe it's difficult to imagine someone with 1,000+ passwords or sites to manage. In such an example, one-third might be vulnerable, one-half could easily be reused, and a third to one-half again could be weak passwords. Perhaps ten percent offer passkeys or 2FA.
Still, 1000+ may seem like a terrifying number to tackle, and while a few passwords may get changed, I suspect that most people will never get around to better securing themselves or their world.
Watchtower already does a fantastic job of bucketing vulnerable passwords in one way or another, but what if it could help you prioritize which passwords to update or accounts to enhance your security to have the most significant impact on yourself and the world? What if it showed you how to impact yourself and the world each day positively?
For example, what if there were a way to see a list of the most frequently used sites, accounts, etc., and just worked your way down that list?
Or, what if a risk score was associated with each password, site, or account that was frequently used on two or more of those lists? And what if an account or password that's compromised and reused across multiple sites is flagged to show all of those sites, accounts, or passwords as being more vulnerable to exploitation now because of their risk overlap? Or, sites with non-routable addresses or hostnames reduce their risk score calculation, etc.
And what do you do in a family, team, or enterprise environment where you are not directly familiar with the site or account because your child uses it, or a former employee or team member has it, etc... A risk score, and/or a utilization rate, or even a table of all of those values could provide the context that an admin or new employee or parent could use to make the biggest different each day.
I believe such analytics would help someone recognize the best bang for the buck for their time and actions by updating their security credentials. Also, they'd feel good knowing they're making a tangible difference for themselves and the rest of the world.
I value your thoughts and feedback on this proposal. Please share your insights and suggestions to further enhance our collective understanding and approach to password management.
1Password Version: 8.1
Extension Version: 2.25.1
OS Version: Windows 10
Browser: Chrome
Comments
-
Thanks @jtcp27827
I've brought your suggestions before the products team for possible consideration. I can't make any promises on when/if something like this might be possible.
ref: PB-40979626
1
