Jump to content

"your password may have been leaked/compromised, change password"


KDcyp99
 Share

Go to solution Solved by Flood and Flood's wife,

Recommended Posts

The release notes of the latest version of Kaspersky Password Manager confirms it checks for possible password leaks and I have had 2 such reports of different passwords, however I believe they have not been leaked or compromised.

Does anyone know how this report is triggered, what makes it believe/how would they know that a specific password has been leaked/compromised?

I use KPM across different devices and multiple platforms as intended. Surely this wouldn’t trigger the report as if ‘unexpected users’ are logging in?

Maybe it will report for all passwords not changed within a set time period???

Can Kaspersky please reveal this information as it is not in the release notes?

Link to comment
Share on other sites

Hello @KDcyp99

Welcome!

Check for compromised passwords

  • For additional security, Kaspersky Password Manager (KPM) can check whether your passwords have been hacked or leaked.
  • The application uses Secure Hash Algorithm 256 (SHA-256) to check for compromised passwords. The application generates SHA-256 message digests from each password in your vault and compares them with SHA-256 messages from a database of compromised passwords. If the SHA-256 messages match, the application warns you that your password is compromised and you better change it.
  • By default, the check for compromised passwords is enabled.
  • KPM check, for compromised passwords, is only for active entries.
  • If you wish to double check the 2 profiles that are being reported, use Have I been pawned (HIBP) a resource setup for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach - note, the HIBP resource will tell you if there’s been a data breach, however it does not provide a date the breach happened
  • If you’re still unsure, please log a case with Kaspersky Technical Support

Please let us know the outcome?

Thank you🙏

Flood🐳 &🐋

Link to comment
Share on other sites

Hey Flood and Bernie,

Many thanks for pointing me in the right direction ? Much appreciated. I did search for at least 15 minutes obviously in the wrong direction.

If I understand those resources correctly, my password has been found on a site that lists leaked passwords which could mean its leaked from my data or by a coincidence someone else has the same password to any site and his data has been leaked. I guess even with a reasonably random password it’s possible someone has used the same password given that most daily net users probably have more than 100 passwords x the worlds population of net users, that’s not unfeasible.
Of course having received the warning, the simplest and safest course of action is to change the password regardless ?

 

Link to comment
Share on other sites

  • Solution

If I understand those resources correctly, my password has been found on a site that lists leaked passwords which could mean its leaked from my data or by a coincidence someone else has the same password to any site and his data has been leaked. 

 

Hello @KDcyp99,

You’re most welcome☺ !

Thank you🙏

Flood🐳 &🐋

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.