When we launched Passwarden in 2020, our focus was on providing the highest level of security protection to our users.
At the time, that commitment to cybersecurity meant military-grade encryption. Passwords stored on our application are completely secure—even our team doesn’t have access to a user’s stored data.
Indeed, keeping information on Passwarden means that data is safe on your computer. But there’s a catch. Your passwords— as well as your credit card information, social security numbers, and other vital data—don’t just exist on your devices. They’re spread across third-party servers owned or rented by the companies you register accounts with. And those servers have their own risks.
The number of data breaches worldwide hit a record high in 2021, surpassing all of 2020 by Q3. It’s not enough to have good security habits on one’s own devices—protecting information that exists online is paramount. That’s why we’ve focused our first update of 2022 on security monitoring.
More specifically, we’ve built a Security Dashboard that gives users a wider overview of their password status.
Our hope is to give users an additional level of protection, revealing which passwords are vulnerable or unsafe, while providing alerts to notable data breaches. Here’s how we do it.
There are a few easy ways to improve your password security in minutes. For starters, our Security Dashboard sorts passwords into a few separate categories:
Weak passwords. Passwords that are easily-guessable tend to be a risk for identity theft. Common words or character combinations without special symbols basically invite hackers to take over the account. Passwarden will highlight these weak passwords and provide stronger alternatives to quickly improve security.
Reused passwords. Even a good password can be made weak if it's used across accounts. If a bad actor gains access to one account, they may try using the revealed password on other websites hoping for a hit. This technique is popular because it works—one Google survey found that 65% (https://services.google.com/fh/files/blogs/google_security_infographic.pdf) of people reuse their passwords. It’s also why we built a feature to automatically flag reused passwords and offer replacements.
Vulnerable passwords. When a data breach occurs, Passwarden lets you know which passwords were exposed to cybercriminals. Acting quickly on these vulnerabilities prevents one company’s data leak from affecting your data privacy.
Compromised accounts. Similar to the previous category, Passwarden will automatically highlight account information that’s been exposed in a breach.
Expiring credentials. Passwarden stores more than just passwords. Users can set an alert to notify them when their credit card, passport, license, or other time-sensitive information is about to expire. Keeping this information up-to-date is part of maintaining overall security.
When hackers gain illicit access to online accounts, the information often ends up on what’s known as the dark web. Users browse the dark web in relative or total anonymity, making it a preferred haunt for hackers.
Many data breaches are announced publicly. Some hackers will even post their findings on a public website or searchable database. More often than not, however, the only internet users aware of the hack will be dark web users, who are specifically looking for this kind of ill-gotten information.
It just isn’t feasible for the average internet user to monitor or even access the dark web. Passwarden, however, has that capability. If the application finds credentials—such as an account name or email address—on the dark web, users receive an alert and are required to change their log-in information. Users are at far less of a risk when the leaked information is out-of-date, and dark web monitoring protection allows Passwarden users to stay one step ahead of the criminals.
Between advanced password protection and active dark web monitoring, you’d think our users would be set. And there’s no question that users are dramatically safer using Passwarden than they are trying to keep track of all their passwords alone.
Yet we can do even better.
For starters, ensuring this level of security across devices can help prevent data leaks, and helps users react quicker in case of a breach. Passwarden can be used across an unlimited number of devices, and our new Security Guru feature makes it easier than ever to install the application.
Moreover, it’s not just Passwarden that’s helping protect the web. Security Guru also provides access to other KeepSolid software, including VPN Unlimited, which brings IP address encryption to any device.
This kind of comprehensive approach to cybersecurity is central to what we do. The Security Guru feature helps guide users toward the kind of holistic protection they need to stay safe online.
The first major data breach disclosure of 2022 happened on January 1st, just hours after the new year had begun. Hackers gained access to patient and employee information at Broward Health, a healthcare provider in Florida. Over 1.3 million people had their information exposed.
These kinds of hacks are tricky to protect against. For example, the data breach itself was disclosed in January 2022, but actually occurred in October 2021. For three months, most—if not all—of the affected individuals weren’t even aware there was a hack.
That delay is part of why we implemented dark web monitoring. Once your information is found online, our application provides an alert, allowing you to react faster and increasing the chances of staying protected. You don’t have to wait for the public announcement—once Passwarden finds a match, you can start protecting yourself.
Luckily for the patients and employees of Broward Health, the company found no evidence that their data was misused. Yet the fact is that information collected in these hacks can still exist online. Changing, updating, and strengthening passwords, as well as outdated account information, provides strong protection against these cases of misuse, and is what drove us to develop our Security Dashboard.
It’s also why we’re so proud to share this update with our users. A better, more secure 2022 is possible—all it takes is the right security monitoring from a leader in password protection.