Checking Password Health

You can check the health of saved passwords using Audit. Audit tells you about data breaches, compromised passwords, and potential security problems with the items you have saved in Enpass. It keeps you on top of security as you don’t need to keep a check on each item.

_images/Audit.png

Audit highlights the security concerns and sorts them into separate categories so you can identify the affected passwords.

If any of your items require action, you’ll see an alert at the top of the item listed in Audit.

Websites

Under Website section, you can see all the accounts saved in Enpass whose websites have suffered data breaches in the past along with the list of login items supporting Two-Factor authentication.

Breached

Here, you will see the list of the logins for those websites where a security breach has been reported, and you haven’t changed your password since the breach.

To check for breached accounts in Enpass, go to Audit > Tap on Breached.

_images/audit-and-breached.png

For all such items, you will see a warning at the top of the item’s details page until you change the password.

_images/breached_details.png

Caution

We recommend that you immediately change the passwords for accounts that are listed under Breached.

2FA Supported

Here, you can see the list of accounts for websites that support two-factor authentication but don’t have a one-time password saved in Enpass. You can go through the list and choose not to save the one-time codes for those logins in Enpass where you’re using any other method like call, email, or text for second-factor authentication.

To check for 2FA compatible logins in Enpass, go to Audit > Tap on 2FA Supported.

_images/audit-and-2fa.png

You can see details for the item that supports 2FA authentication.

_images/2fa_details.png

You can save One-time codes for the items in Enpass which have been listed under 2FA Supported to enhance account security.

Passwords

Here you can view the list of items with compromised, weak, identical, and expired passwords.

Compromised Passwords

Here, you will see the list of passwords that have appeared in data breaches. You might be unknowingly using such passwords that are available to attackers over the internet. We suggest changing the passwords of such accounts that are listed as Compromised.

To check all the compromised passwords in Enpass, go to the Audit > Tap on Compromised.

_images/audit-and-compromised.png

On tapping a particular item, you can see the details for that item.

_images/compromised_details.png

For items with Compromised passwords, you will always see an alert at the top of item’s detail page prompting you to change the password.

Identical Passwords

Using the same password in multiple online accounts is a bad practice and puts your accounts at risk. If any one of these accounts is compromised, all you other accounts are at risk.

To check all the identical passwords, go to Audit > tap on Identical.

_images/audit_and_identical.png

Tapping on a particular item will take you to its details.

_images/identical_details.png

Weak Passwords

Weak passwords are those which can be easily guessed, or discovered by people who are not supposed to know them. They consist of most common passwords such as personal infomation like birthday dates, family members’ anniversary, etc.

To check all the weak passwords, go to Audit > tap on Weak.

_images/audit-and-weak.png

You can check the details of an individual item by tapping it.

_images/weak_details.png

Expired Items

Here, you will see list of items that either have expired passwords, or credit cards that have expired.

To check for expired items in Enpass, go to Audit > Expired.

_images/audit-and-expired.png

Note

The passwords which have been exluded from Password Audit will not appear in the Audit results.

Expiring Soon

Here, you will see the items that have a password expiry date set, and the passwod for those items will expire in less than 6 days.

Password Generator

You can invoke the built-in password generator to generate unique and strong passwords for any of your accounts that are listed under Audit.