Have I Been Pwned Scheduled Report: Check specific Folders / Password lists only

[fecton.ernst.meinhart]

Currently there is an option to schedule the "Have i been pwned" report to be sent automatically. Sadly there are no options to filter for specific password lists / folders (multiselect) for this report. So the feature request is to be able to filter for specific password lists / folders within the reporting settings.

We would like to filter on a subset of Password lists of the Passwordstate instance only.

 

The reason for this is, that we use Passwordstate to store credentials from customer systems and we don´t want that those informations will be sent to third party services like Have i been pwned.

But we would like to use this service for our organization internal credentials. The only work around i see for the moment is to go to each password list and fetch the result using Passwordlist Administrator actions. Doing it that way means more time spent for fetching, consolidating in comparison to an scheduled report.

Also this is manual work which needs to get tracked accordingly if this has been done, which is generally more error proune and could be a security concern.

[support]

Hello,

 

Thanks for your request.

 

Please be aware though that under no circumstances do we send credentials to any third party services, including Have I Been Pwned. Please see there documentation here, for how their API works - https://haveibeenpwned.com/API/v3

Regards

Click Studios