Security and privacy

About Watchtower privacy in 1Password

Learn how 1Password protects your data when you use Watchtower.

When you use Watchtower to find passwords you need to change, you can quickly find out about password breaches or other security problems that affect you. Because we continually update Watchtower as security breaches are reported, you can change your passwords sooner and stay safer online.

Everything is checked locally on your own device

The information you have saved in 1Password is not our business. We can’t share it because we never collect it.

Everything is checked locally on your own device, including reused passwords, weak passwords, unsecured websites, and expiring items. It’s a bigger technical challenge to design industry-leading security audit tools like this, but it’s the right way to do it.

Your websites are never sent to us or anyone else

To check for compromised websites, 1Password downloads Watchtower information from watchtower.1password.com and compares your websites locally on your own device.

To check for items that support two-factor authentication, 1Password downloads TwoFactorAuth.org information from watchtower.1password.com and compares your websites locally on your own device.

Learn more about TwoFactorAuth.org.  

Your passwords are never sent to us or anyone else

To check for vulnerable passwords, ones that have appeared in data breaches, 1Password creates a 40-character hash of each password and sends only the first five characters of each hash to the Pwned Passwords service provided by haveibeenpwned.com.

The service provides a list of vulnerable passwords that have hashes starting with those same five characters, and 1Password compares them locally on your device. Only the first five characters of each hash leave your device. Your passwords are never sent to us or the service.

Learn more about how the Pwned Passwords service works.  

Learn more

Published: