LastPass — a popular password manager by LogMeIn — has announced a new feature called ‘dark web monitoring’ to alert users if their credentials were compromised and leaked on the dark web. It checks logins against Enzoic’s database (previously known as PasswordPing) and if any logins are found in the database, LastPass alerts you via email and the app itself.
LastPass had already been alerting users about breaches related to email address associated with the password manager. In 2017, they partnered with PasswordWing to include emails stored in vaults, too. Users could run Security Challenge from the app to check if their credentials were compromised. It also identified weak, duplicate, old, or compromised password.
Along with dark web monitoring, a new dashboard has also been released to replace Security Challenge. The Security Dashboard displays your overall security score, dark web monitoring alerts, and all emails being monitored. While Security Challenge had to be run manually by users, credentials will now be checked automatically in background once Dark Web Monitoring is turned on.
The Dark Web Monitoring feature is available for paid LastPass users only. Security Dashboard is currently available only on desktops. Android and iOS users can still use the Security Challenge to check credentials for breach manually.