Notifications from WatchTower

It looks like the only way to know if a password/login has been flagged by WatchTower is to check the Vault that password is in, correct? Like there is no proactive alerting that can be done to say a login to a site has been flagged by WatchTower as compromised, correct?

This is for 1Password Business.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hello @NeckBeardPrince,

    You are correct, watchtower checks items in the selected vault. If you were to select "All Vaults" Watchtower will checks items in all vaults that you have access to. This will alert you to vulnerable passwords in any vault.

    Please let us know if I missed the mark there. You can also use https://watchtower.1password.com/ to get Watchtower reports for any website you currently don't have logins for, but might want to know of any recent breaches on.

  • NeckBeardPrince
    NeckBeardPrince
    Community Member

    Let me give some context.
    We have a in-house Security Team, they want to make sure that every Vault has WatchTower enabled and also get a report of any flagged items in the Vaults from WatchTower. It looks like we would have to give each member of that Team, Manage Vault access to every Vault. Then they would have to run through each and every Vault and view the WatchTower report manually? Right now I'm talking about using the webui not the 1Password client.

    I would prefer to not have to give the Security Team access to tons of Vaults that they don't necessarily need Manage access to.

  • Unfortunately anyone wanting a Watchtower report on the contents of a vault will need permissions on that vault. This insures that not just anyone can get information that could be used to determine which passwords/logins are vulnerable.

    When using the web client you do need to select a vault before you can get the Watchtower report for that vault. Perhaps you could use one of the native apps for this purpose?

    We appreciate the feedback, improving the administrative reporting for business users is a high priority for us.

This discussion has been closed.