Jump to content
Enpass Discussion Forum

Recommended Posts

Posted

Hi there,

recently enpass started to instantly flag any and all 6-digit (or less) numerical PINs I set up as compromised. I tried to save 10 completely random number combinations in a row, and all of them are marked as compromised right away once I save them.

Any idea what could be wrong?

Thanks for any hints!

Posted

Solved, I think (correct me if I’m wrong). Leaving it up for people with a similar issue.

For some reason, if you forget to switch the pre-selected category of "password" in the according drop-down to "PIN", a short numerical PIN is instantly flagged as compromised. Switching to "PIN" category removed the warning.

A bit confusing, as the displayed warning does not indicate this scenario as part of the security check or potential cause for the warning, but rather only points to "online exposed passwords".

  • Like 1
  • 1 year later...
Posted

Thank you for this info, I was trying to figure out why I couldn't clear the compromised password notice on one of my logins, and it turns out it's because the field wasn't set to a PIN. 

  • 2 months later...
Posted

Considering that Enpass uses haveibeenpwned.com to check for passwords that have been exposed in data breaches, it makes sense that any simple numeric pin stored in a password field is going to be flagged as compromised. haveibeenpwned.com has recorded hundreds of millions of exposed passwords. This is guaranteed to include many extremely weak "passwords."

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...