haveibeenpwned multiple email addresses & Security
Hi there,
Currently, when i run the security check through the 1password website it searches for my primary email address only ( The one associated with my account). I have multiple email accounts that i use in 1password, is there a way for the security check to include them all?
I also noticed another security check for passwords available to me, does this mean my passwords are decrypted and sent to a third party? I thought my passwords were never revealed to anyone but myself as i have the master key. Please clarify this.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:haveibeenpwned
Comments
-
Hi there, Currently, when i run the security check through the 1password website it searches for my primary email address only ( The one associated with my account).
@Gfivenine: I hear you, but you probably don't want any random person to be able to search your email address for vulnerable accounts in an automated fashion. I know I don't. And the terms of using the HIBP API are that we don't misuse it to enable bad behavior like that.
I have multiple email accounts that i use in 1password, is there a way for the security check to include them all?
No. Hopefully my explanation above helps clarify why, but let me know if you have questions.
I also noticed another security check for passwords available to me, does this mean my passwords are decrypted and sent to a third party? I thought my passwords were never revealed to anyone but myself as i have the master key. Please clarify this.
1Password generates a hash locally, downloads a partial hash from HIBP, and then compares them locally. That's why it can take a bit of time, especially in the 1Password.com web interface: it takes a bit of processing.
Anyway, I hope this helps. Be sure to let me know if you have any other questions! :)
0
