new password said to be compromised

Bronwen224466
Bronwen224466
Community Member
in Mac

I created a new password for a document in Apple Pages, and immediately 1Password said it was compromised. It was a poor password, but it was not a really important thing to be protected in that way. But it could not have been compromised when it had only just been created. So why does 1Password say it was compromised in a data breach according to haveibeenpwned.com? Also, in a separate question, 1Password tells me that for certain websites, I don't have 2 factor authentication enabled when I do. Why? Thank you.

1Password Version: 7.0.7
Extension Version: Not Provided
OS Version: 10.13.6
Sync Type: 1Password
Referrer: forum-search:new password compromised

Comments

  • Ben
    Ben

    Hi @Bronwen224466

    1Password's Watchtower feature isn't checking if the password was stolen from you. It only knows if the password has been published in a database. Just because it wasn't stolen from you doesn't mean the same password wasn't stolen from someone else. :) 1Password will only show that warning when the password matches a record in a database of compromised passwords.

    As for 2 factor authentication -- 1Password only knows you're using 2FA if you are using 1Password to generate the TOTP codes for that site. If you are using a 3rd party app or SMS 1Password has no way of knowing.

    Use 1Password as an authenticator for sites with two-factor authentication

    If you'd prefer to continue using something other than 1Password (or the site uses something other than TOTP for 2FA) you can add a "2FA" tag to the item Watchtower will no longer flag it.

    Ben

This discussion has been closed.