Is it possible to see whether anyone has reused passwords and/or compromised passwords?

Bobtb
Bobtb
Community Member

Hi, currently going through a Business trial period, exploring available options and reporting information.
I've been comparing different password managers and so far most have everything I'm looking for, except 1 feature another one does have.
In the case of 1Password, having vaults not connected to a user account is a major pro.

What it is lacking though, in my humble opinion, is a little extra reporting in which I can see password "health" for my team members.
I don't need to know the exact details, of course, but it would be nice to be able to explain to a team member that they really should avoid using duplicate passwords as much as possible, or ask them to take action if the number of potentially compromised passwords doesn't get reduced in time.

See below for an example, from one of your competitors. Each row is a different person.


1Password Version: 7.6.791
Extension Version: 1.24.1 (beta)
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:document shared vault

Comments

  • ag_max
    edited February 2021

    Hi @Bobtb! Welcome to the 1Password Support Community.

    I'm glad to hear you're taking some time to explore the features in 1Password Business. I'll start by briefly covering some features that I think may accomplish what your team is looking for and then address your helpful feedback at the end.

    At an individual level in 1Password Business, team members can create reports to see if their passwords were affected in known breaches, check for vulnerable and compromised passwords, and see a list of all items containing reused passwords. Furthermore, team members and administrators can also view the overall strength of saved passwords in each accessible vault, including passwords saved in shared vaults. More on that here:

    Use Watchtower to find passwords you need to change

    Those in the Security group of a 1Password Teams or Business account can run a Domain Breach Report to see which members of their organization have data found in known breaches. You can notify colleagues affected by a data breach and even invite those who aren't currently using 1Password to join your team:

    Create a domain breach report for your company

    While there isn't presently a feature where an administrator or account owner can inspect the overall strength of a team member's passwords (including those in a person's Private vault) and nudge them in the right direction, I'll be happy to pass on your feedback to our development team for further consideration. I can certainly see the value of allowing an administrative team track the overall health of their team and promote good password hygiene, which would benefit everyone in the organization. I hope this helps and thank you for taking the time to share your feedback.

    Keep me posted if there is anything else I can do to assist!

    ref: internal/business-roadmap#13

  • Bobtb
    Bobtb
    Community Member

    Thanks for your reply. I was already aware of the watchtower though.
    If you could pass my request on to the development team, that would be nice.
    I'll see if it becomes a feature or not. So far it's not a deal breaker!

  • No problem, @Bobtb. I've gone ahead and recorded your request in our internal database so that our development team is made aware.

    Thanks again for taking the time to share your feedback. :)

This discussion has been closed.