When Watchtower discovers that a you have a account that has been compromised, it should

jackiam

When Watchtower discovers that a you have a account that has been compromised, it should send you a system notification on IOS and macOS. Right now I have to manually look at the watchtower tab to see weather a account has been compromised.

---

1Password Version: 7 beta 6
Extension Version: 7 beta 6
OS Version: macOS 10.13.4 (17E199)
Sync Type: iCloud

MrRooni

@jackiam This is a great idea, thanks for writing in with it! I don't believe we'll be able to do anything with it in 1Password 7, but I will keep it in mind for a future update.

jackiam

Great, thank you MrRooni.

Ben

:+1: :)

Ben

OAW

I second this motion!

Ben

Thanks for the feedback, @OAW.

Ben

RNPeer

I would love to see this as well!

I came into the iP7 beta from the haveibeenpwned website (long time 1Password user).

At the very least I would like to have all passwords that are on the pwned DB (either associated with a pwned username, or the password by itself) show up in Watchtower (regardless if that specific account/website is listed as compromised). I am currently doing a search --> expand to all fields with known compromised passwords (and all new passwords are randomly generated--thank you AgileBits team!).

Ben

Thanks @RNPeer. Something we can discuss for the future. :)

Ben

RNPeer

Thank you @Ben. I did some more reading after I posted this last night, and learned about the initial password check implementation with haveibeenpwned.

Really, once a password has been identified as being in the DB, is there a way to flag the password strength as “weak” (or better: “compromised”)? Then utilize Security Audit to find all “weak” and especially “compromised” passwords.

Lars

@RNPeer

once a password has been identified as being in the DB, is there a way to flag the password strength as “weak” (or better: “compromised”)?

Not currently; the integration with haveibeenpwned is quite new. However, that's certainly something worth considering for the future, as we increase the usability and functionality of it. Thanks for the suggestion!

polarweasel

Add my vote to this one. Having to manually check every one of my 500+ logins, and then re-check periodically...ugh. I suppose I should check whether this one is AppleScriptable, but really, it seems like a perfect candidate for a nightly/weekly/whatever check while the machine is idle.

Ben

Thanks. :) I don’t believe it is going to be scriptable at present but hopefully we can offer some further tools in this regard in the future.

Ben

polarweasel

Nope, I checked, and 1P has no AppleScript dictionary at all.

Ben

I thought that was the case, but thanks for confirming.

Ben