rel: 21.2.16.590 - here we go again - You Passwords have been compromised

[Guest]

I am on Security cloud Free v 21.2.16.590.  I had this problem in V19 and in V20 and it was eventually fixed by the development team.  I have just recived a popup telling me that my passwords have been leaked.  Each time i carefully check all of my settings to make sure that the appropriate bits are disabled and I also don’t have the plugins installed in my browsers.  

 

This is the message:

 

These are my settings that are relevant to stop this warrysome and unwanted popup:

 

 

Now.   normally I would not mind by I have this product installed for a vulnerable relative and she does not understand that it is a erronious message (or one that we have decided she does not want to see. 

I think it is unnaceptable for the developers to keep breaking this piece of functionality and presenting a screen to a person where it has been decided through configuration that it is not to be shown.

 

shame on you Kaspersky developers for keeping on doing this to my poor relative. Its not right and its not fair.

[Thoughts]

smipx

I understand your concern, but I think you’ll find its not a false or erroneous message. If you enter the e-mail in question into https://haveibeenpwned.com/ which is the data breach website used by Kaspersky, you’ll see further information related to breach(es) in question.

There are recent related posts here. https://community.kaspersky.com/kaspersky-security-cloud-11/data-related-to-your-account-may-have-been-leaked-from-2-websites-12705?sort=dateline.desc#comments

I use Security Cloud Free 20 and it initially warned me of two e-mail addresses involved in website breaches. I was already aware of them and once I had asked Security Cloud to ignore them (in the Privacy Protection section I think) I no longer saw any further warnings. I have  e-mail addresses registered with haveIbeenpwned to notify me directly of potential future data breaches.

Website breaches are increasingly becoming a way for criminals to obtain valuable login information and while Kaspersky provides excellent phishing protection, to limit malicious websites from stealing login details, if the official website is itself hacked and that information stolen it can cause real problems.

If not already you may wish to recommend the use of a password manager to your relative. They greatly simplify website logins and the generation of more secure passwords. They also provide an additional layer of phishing protection. After the initial familiarization most tend to find them very straightforward. Also if your relative was concerned it would be fairly straightforward for you to maintain their password database.

[Guest]

Hi,

 

But my point is that I have specifically disabled this feature so it should not be happening :-)

[Thoughts]

I had and still have the account check enabled, but after I had asked Security Cloud to ignore the specific website breach warning I have not received any further prompts. If I did they would be in relation only to a newly discovered breach. I think within the free version there are limits as to what can be deactivated (a bit like the occasional popups).

So you’re aware all Kaspersky browsing protection including login detection is handled centrally by the main Security Cloud app. When using Security Cloud Free the browser extension functions purely as access to the on-screen keyboard. If the extension is not installed Security Cloud is still monitoring all web activity including log in entries.

[Guest]

Hi,  My account protection is switched off and I don’t have the browser extension so I should never (ever) get the warnings.  This is a bug as I do. 

[Thoughts]

The browser extension isn’t involved in login detection/e-mail breach at all. That and all other aspects of browser protection are handled solely by the Security Cloud app. The extension (in Security Cloud Free) just adds the keyboard. If not installed everything else is the same.

Also as mentioned and maybe Kaspersky can clarify directly, but it’s possible that certain elements can’t be fully disabled in the free version; similar to the Promotional material tick boxes in the notification section that while you can untick them they only disable popups in the Personal and Family licensed versions.