Breach Monitoring in Enpass

Breaches put your personal data, including passwords, at risk. Breach Monitoring is a threat-detection service built into Enpass that alerts you whenever websites you've saved in Enpass have had their user data stolen. Any time breaches are announced that affect you, Enpass alerts you to immediately change the passwords for your compromised accounts before any damage can be done.

To view breached websites:

  1. Open your Enpass app.
  2. Go to Audit, and select Breached.

Information Enpass provides about each breach

When a breach that may affect you is detected, Enpass provides a short report to inform you of the details. The report contains the name of breached website, the dates of the breach, the types of data compromised, and the precaution that should be taken to secure your account. To prepare this report, Enpass fetches the information managed by the trusted haveibeenpwned.com.

How to recover from a breach

As soon as you get the information about a breach on a site where you have an account, the following steps are highly recommended:

  1. Change your password
    Login to the site and use Enpass to generate a strong and unique new password.
  2. Enable two-factor authentication
    Add extra layer of security to your account at the breached website by enabling 2FA, if that option is available. You can view all your 2FA-supported accounts in the Audit section of Enpass, and use Enpass to generate and save the one-time codes used for 2FA login.
  3. Check the security of other passwords
    In Enpass, go to Audit and check for compromised, identical and weak passwords. Use Enpass to generate new, stronger passwords for those accounts as well.
  4. Find out more about the breach
    Follow any links provided in the Enpass breach report to find out more about the types of data was stolen and what additional actions should be taken to secure you account and data.

Read more about...

How Enpass checks for compromised passwords

Using Enpass to store one-time code