new password said to be compromised
I created a new password for a document in Apple Pages, and immediately 1Password said it was compromised. It was a poor password, but it was not a really important thing to be protected in that way. But it could not have been compromised when it had only just been created. So why does 1Password say it was compromised in a data breach according to haveibeenpwned.com? Also, in a separate question, 1Password tells me that for certain websites, I don't have 2 factor authentication enabled when I do. Why? Thank you.
1Password Version: 7.0.7
Extension Version: Not Provided
OS Version: 10.13.6
Sync Type: 1Password
Referrer: forum-search:new password compromised
Comments
-
1Password's Watchtower feature isn't checking if the password was stolen from you. It only knows if the password has been published in a database. Just because it wasn't stolen from you doesn't mean the same password wasn't stolen from someone else. :) 1Password will only show that warning when the password matches a record in a database of compromised passwords.
As for 2 factor authentication -- 1Password only knows you're using 2FA if you are using 1Password to generate the TOTP codes for that site. If you are using a 3rd party app or SMS 1Password has no way of knowing.
Use 1Password as an authenticator for sites with two-factor authentication
If you'd prefer to continue using something other than 1Password (or the site uses something other than TOTP for 2FA) you can add a "2FA" tag to the item Watchtower will no longer flag it.
Ben
0