How can I disable vulnerable passwords service?

Options
prencipeg
prencipeg
Community Member
in Mac

Hello, is it safe the service of vulnerable password? Then, if I do not want to use it, on my Mac I have simply to switch off the function, but how can I disable the service on the website? I think that is always active. Thank you.

1Password Version: Not Provided
Extension Version: 7.3.2
OS Version: OS X 10.14.6
Sync Type: Not Provided
Referrer: forum-search:disable vulnerable

Comments

  • ag_ana
    ag_ana
    1Password Alumni
    Options

    Hi @prencipeg! Welcome to the forum!

    Are you perhaps referring to Watchtower?

  • prencipeg
    prencipeg
    Community Member
    Options

    Yes, about the function of haveibeenpaned

  • prencipeg
    prencipeg
    Community Member
    Options

    I want to know if the service offered by haveibeenpwned and integrated in one password is safe. Because I read that there are some conditions for which is better to switch off the function of "Vulnerable passwords". In case, I want to know how to switch off it on the website (I know only the procedure on the Mac app).

  • ag_ana
    ag_ana
    1Password Alumni
    Options

    @prencipeg:

    Thank you for the clarification. The integration that Watchtower uses is indeed safe. We have a documentation page about Watchtower privacy, if you want to know the details :)

    You cannot disable the feature on the website, but the vulnerable password feature can only be activated by you manually. So if you don't want to use it, you can simply ignore it and Watchtower won't include those results in the report.

  • prencipeg
    prencipeg
    Community Member
    Options

    Ok thank you. Do you suggest to use the vulnerable password feature? Because I don’t understand this: “ Your passwords are never shared with the Pwned Passwords service. However, if you have similar weak passwords like MySekret1 and MySekret1!, there’s a risk that Have I Been Pwned could learn your passwords if they acted maliciously. Strong, unique passwords created with the password generator in 1Password are not at risk“.

  • AGAlumB
    AGAlumB
    1Password Alumni
    Options

    @prencipeg: haveibeenpwnd.com uses hashes of passwords to compare them without actually knowing the passwords. But if you have a very weak password, the server could know which password you have based on existing breaches because it will match what it has in its database. If you change any weak passwords to make them stronger, you'll be in good share though. :)

  • prencipeg
    prencipeg
    Community Member
    Options

    Thank you very much :)

  • ag_ana
    ag_ana
    1Password Alumni
    Options

    You are welcome! If you have any other questions, please feel free to reach out anytime.

    Have a wonderful day :)

This discussion has been closed.