Password Audit

Password Audit in Enpass is a local scanning process to look for weak, identical, expiring and old passwords, and categorizes them accordingly. It helps you keep a regular check on your passwords to avoid any compromise in data security and last moment rush to change expired passwords.

Weak Passwords

  • To check all the weak passwords in Enpass, go to the sidebar > Password Audit and tap on Weak.

Note

Passwords those found as pwned will also be listed there as weak. Please note that you need to manually check for pwned passwords as Enpass will not itself connect to haveibeenpwned.com to check pwnage of your passwords.

Tip

Enpass lets you mark the items which you want to exclude from Password audit. the password field of the item.

Identical Passwords

Using the same password in multiple online accounts is a bad practice and puts your accounts at risk. If any one of these accounts is compromised, all you other accounts are at risk. Password Audit finds all such items having identical passwords. You can change them to strong and unique passwords using the built-in password generator of Enpass.

  • To check all the identical passwords in Enpass, go to the sidebar > Password Audit and tap on Identical. You can now see the list containing all the items having matching passwords. All such items will be separated by list headers mentioning first two letters of password and count of such items.
_images/audit_identical.png

Old Passwords

Password Audit in Enpass also categorizes your passwords based on their age in Enpass. They are categorized as

  • 3+ years old
  • 1-3 years old
  • 6-12 months old
  • 3-6 months old

Expiring Passwords

Enpass allows you to set expiry date to passwords. You’ll find the list of the passwords expiring in a day, in a Week, or a Month.

  • To check all the expiring passwords in Enpass, go to the sidebar > Password Audit and click on Expiring. You can now choose any of the expiring password lists.
_images/expiring_password.png

Note

The passwords which have been exluded from the Password Audit will not appear in the Password Audit results.