To protect your privacy: email us with billing or account questions instead of posting here.

Have I Been Pwned - Nothing reported in Watchtower

MorgothSauron
MorgothSauron
Community Member

Sorry if it's not the right place, but I'm using 1 Password web (Linux)

A while a go I read an article about a partnership between 1Password and "Have I Been Pwned":
https://techcrunch.com/2018/03/29/1password-nets-partnership-with-have-i-been-pwned/?

Today I received an email from "Have I Been Pwned" (people found in a new spam list). Is it supposed to show something in Watchtower ? I have nothing many hours since I received that email. Please clarify what is expected from this partnership.


1Password Version: web
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @MorgothSauron: I'm not sure we're on the same page here, but I've moved your post to the Memberships category since (I think) you're using the web interface with a 1Password.com membership. Let me know if that's not the case.

    I don't completely understand the rest of your comments either I don't think, but you can access Watchtower in the sidebar of the 1Password.com web interface when viewing a vault, and that will scan the items there to tell you which need to be acted on and why. Does that help?

  • MorgothSauron
    MorgothSauron
    Community Member

    Sorry if I was not clear enough.

    I received an email from "Have I Been Pwned" (people found in a new spam list), but there was nothing showing in Watchtower. I know how to access Watchtower, but there was nothing that could be related to what I received from "Have I Been Pwned"

  • Hi, @MorgothSauron.

    It sounds like the email you received may have been related to this breach: https://haveibeenpwned.com/PwnedWebsites#TrikSpamBotnet. Is that correct? If so, then what you're seeing makes sense.

    There are two main parts of HIBP: Pwned Websites and Pwned Passwords. Our integration with HIBP is using the Pwned Passwords part. It checks your passwords against the service's list of compromised passwords (without transmitting the passwords themselves). The email you received, though, is from the Pwned Websites part. It is telling you that it found your email address in that breach. That may be helpful information for you, but it does not mean you need to change any of your passwords.

    I hope that helps!

  • MorgothSauron
    MorgothSauron
    Community Member

    Hello @rob,
    You are right: the email I received was about TrikSpamBotnet.

    I was due for a password change anyway :)

    Thanks to your clarification I now understand what I was seeing.

  • No problem! :)

This discussion has been closed.