WatchTower Admin Reports

ITMGR
ITMGR
Community Member
edited August 2022 in Business and Teams

I feel strongly that a great value add for Business customers would be a WatchTower report at the admin level. Using business funds to provide security tools to employees that have the ability to detect weak, compromised, vulnerable and re-used passwords but no admin access to that information seems like a missed opportunity. Having faith based policies with no ability to enforce or monitor does not work. Please consider this for future development. Thank you!


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Ben
    Ben
    edited August 2020

    Hi @ITMGR

    We do have some spiffy new Watchtower-like reporting at the admin level that you may be interested in checking out:

    Create a domain breach report for your company

    I hope that helps. Should you have any other questions or concerns, please feel free to ask.

    Ben

  • ITMGR
    ITMGR
    Community Member

    Is this essentially checking against haveibeenpwned? I guess what I am trying to say is that this tool already has access to critical information that IT Security need to know, it shouldn't be left up to the end user. This should be an easy ask from the development team / Product Manager as there is a huge missed value add opportunity being left on the table here.

  • @ITMGR

    It does have integration with haveibeenpwned, yes. :) Could you please elaborate on what it is you're looking for that is not already available in the report?

    Thank you!

    Ben

  • ITMGR
    ITMGR
    Community Member

    I want to see a rollup of the same information that is included in WatchTower.

    1. User A has 14 vulnerable passwords.
    2. User B has 25 reused passwords.
    3. User C has 9 weak passwords.
    4. User D hasn't changed their passwords in 2 compromised websites.
    5. User E has credentials in 3 unsecured websites.
    6. User F is not taking advantage of 2FA features in 4 websites.
  • I see; thanks for the suggestion, @ITMGR. :) I'll be sure to let our business team know of this request.

    Ben

  • denmirg
    denmirg
    Community Member

    This would actually be a killer feature, that I don't think any competition has now. I was looking exactly for this in the business/enterprise package.

  • @denmirg

    Thanks for weighing in here. Our development team is always taking into account user feedback, so I appreciate you sharing this today.

  • ngaudin
    ngaudin
    Community Member

    Hello. This feature is key for CISOs to make sure there is no security holes. Dashlane has it.

  • Thanks for taking the time to share this, @ngaudin. We'll make sure your feedback reaches the rest of the team. :+1:

  • Christian_XYZR
    Christian_XYZR
    Community Member

    I would also like to have it. Would be great

  • Thanks for letting us know, @Christian_XYZR.

  • jduhon
    jduhon
    Community Member

    We would also LOVE this feature!

  • Noted, @jduhon. Thanks for letting us know this is something you're interested in. 👍

  • wavesound
    wavesound
    Community Member

    +1!

  • Appreciate you sharing your vote, @wavesound.

  • ConnorB
    ConnorB
    Community Member

    +1 from me also, this would be a great feature.

  • Thanks for taking time to share this, @ConnorB.

  • davidwales
    davidwales
    Community Member

    We're currently scoping password managers for our organisation, and this is one of our requirements. I mistakenly thought 1password already had this until I went looking for it in the free trial and couldn't find it.

  • Hi @davidwales,

    While there isn't currently a central report to view all Watchtower information for your team, we have two features that can help in the meantime:

    1. You can create a domain breach report to determine if anyone with a company email address has been affected by a data breach.

    2. Use Watchtower to see a list of any reused, weak, and vulnerable passwords that were affected in known breaches. This report is accessible for any shared vault on your team.

    Our development team is committed to expanding this list to provide administrators with more tools to better manage their team. I'd encourage you to contact our Business team so they can work with you to discuss your requirements. You can contact them at business@1password.com.

  • wavesound
    wavesound
    Community Member

    +1

  • Thanks, @wavesound 👍

  • Hey folks,

    I want to thank everyone for their feedback about Watchtower and reports in 1Password. It's been some time since this thread was created, and we don't want to keep sending emails to the original poster after all this time. For that reason, I'm closing out this thread to prevent further replies, but I'd encourage anyone with additional comments to start a new post here on our community site, or to Contact 1Password Support directly.

    If you haven't seen it yet, check out our guide to Use Insights to identify and fix security risks to your company. Insights is a new feature for 1Password business that addresses some of the requests we've seen here.

    Thanks again for all of your feedback!

This discussion has been closed.