Jump to content
Enpass Discussion Forum

Compromised numerical passwords


Slurb

Recommended Posts

Hi there,

recently enpass started to instantly flag any and all 6-digit (or less) numerical PINs I set up as compromised. I tried to save 10 completely random number combinations in a row, and all of them are marked as compromised right away once I save them.

Any idea what could be wrong?

Thanks for any hints!

Link to comment
Share on other sites

Solved, I think (correct me if I’m wrong). Leaving it up for people with a similar issue.

For some reason, if you forget to switch the pre-selected category of "password" in the according drop-down to "PIN", a short numerical PIN is instantly flagged as compromised. Switching to "PIN" category removed the warning.

A bit confusing, as the displayed warning does not indicate this scenario as part of the security check or potential cause for the warning, but rather only points to "online exposed passwords".

  • Like 1
Link to comment
Share on other sites

  • 1 year later...
  • 2 months later...

Considering that Enpass uses haveibeenpwned.com to check for passwords that have been exposed in data breaches, it makes sense that any simple numeric pin stored in a password field is going to be flagged as compromised. haveibeenpwned.com has recorded hundreds of millions of exposed passwords. This is guaranteed to include many extremely weak "passwords."

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...