1Password will check passwords via Have I Been Pwned

Spread the love

1Password is one of the first services to use Have I Been Pwned’s updated database to verify entered passwords. For now, it is still a proof of concept.

To check passwords, 1Password hooks into Have I Been Pwned’s Pwned Passwords database. On Thursday it was announced that security researcher Troy Hunt has expanded that database and made it available to other parties, who can access it via an API, among other things.

1Password’s proof of concept allows users of the online password manager to verify that a password they want to add is in its database of more than 500 million leaked passwords. After logging in and opening a Vault, users can use the key combination Shift-Control-Option-C to bring up the proof of concept.

“If your password is found, it does not immediately mean that your account is insecure. Someone else can use the same password,” reports 1Password, which advises changing a password anyway. The service will add the link with Pwned Passwords to its Watchtower service for 1Password subscribers, which already warns against the use of vulnerable passwords.

You might also like
Exit mobile version