Jump to content
support

Have I been Pwned warning message

Recommended Posts

We've had requests in another thread to have the "Have I Been Pwned" feature warn users that the password they have just entered is on the known list of compromised passwords, ie it's in the have I Been Pwned repository.  Currently we deny users from saving the password if it's been compromised, but this feature request is to warn them , and still give them the option to save.

 

If this is a feature you'd like to see, please upvote/comment/+1 to this thread:)

 

Regards,

Support.

Share this post


Link to post
Share on other sites

+1

 

To clarify - blocking save on validation failure prevents changing other details on an entry that already exists - so you can end up editing a password to change details and not being able to save until you update the application or device using that password (plus any dependencies).

Share this post


Link to post
Share on other sites

Hi Guys,

 

This is come in the next release, including a report across all shared Password List, an icon on the Passwords screen as well, and a new menu for doing ad-hoc queries as well.

Should have the release out in a few days.

Regards

Click Studios

 

 

Share this post


Link to post
Share on other sites

Hi All,

 

Today we have released build 8600 of Passwordstate, which includes a few new haveIbeenpwned features:)  Here's a list:

 

1. New report which queries all shared Passwords in your system against the haveIbeenpwned database, and advises which ones to change

2019-02-04_14-02-37.png

 

2. A new tool to check passwords against the online haveibeenpwned repository

2019-02-04_13-56-32.png

 

3. Also a new icon on Password Lists to quickly check the current password against the online repository:

2019-02-04_13-45-47.png

 

4. If you have this option unchecked on your Password List, and are using the haveibeenpwned online repository under Administration -> Bad Passwords, then the user will get a warning about the password being compromised before they click Save.  It's up to the user if they want to Save or not:

2019-02-04_14-00-09.png

 

2019-02-04_14-00-44.png

 

5. You can run a Report at a Password List Level to show which Passwords in that list have been compromised.  This is handy for users who have Private Password Lists they want to check against.

2019-02-04_14-20-43.png

 

 

We hope this helps!

 

Regards,

Support

Share this post


Link to post
Share on other sites

×
×
  • Create New...