Password Health is a feature in ExpressKeys designed to help improve your overall account security. It offers an assessment of your password security through a security score, as well as tips and guidance on how to improve it, protecting you against password hacks.
Your security score is calculated based on the strength of your passwords, whether you use the same password more than once, and whether the website URLs you stored are secure. Your score will improve as you resolve these issues.
Your logins and passwords are assessed locally on your device—they never leave your device.
To access more in-depth information about Password Health, tap the widget at the top of the ExpressKeys app homescreen. Depending on your Password Health rating, this widget will say either:
- Risk level (if you have yet to save any logins)
- High risk
- Medium risk
- Low risk
- Secure
How to improve your security score?
Learn more about the security issues that can be affecting your security score and ways to improve it below.
Weak passwords
Weak passwords can be easy to guess or crack easily by both humans and computers, making them vulnerable to password theft or compromise. They include common dictionary words, such as “apple” or “boy” or words that are easy to guess, such as place names or the names of your partner.
To keep all your accounts safe, generate strong and unique passwords in ExpressKeys.
Reused passwords
A reused password is a password you use across multiple services or accounts. If your password is compromised, attackers may gain unauthorized access to all these accounts with the compromised password. The more accounts you have using the same password, the higher the risks involved.
To keep all your accounts secure, use strong and unique passwords for all your accounts.
Logins using an unsecure URL
Unsecure URLs start with http:// instead of https://. Any data passing between you and the website is not encrypted and can be read by third parties, including your passwords, usernames, email address, and credit card numbers.
To keep all your accounts safe, use only https:// in your URLs.
Exposed passwords
A password is exposed if it has been found in a list of passwords online, often as part of data breaches. Attackers often attempt to sign in to services by trying all known exposed passwords available on the dark web. The more accounts you have using the same exposed password, the more vulnerable you are to being hacked.
Data breaches potentially put your passwords at risk and are being reported at an accelerated rate, sometimes multiple times a week. To minimize the risk of exposed passwords, use strong and unique passwords for all your accounts and update any exposed password as soon as ExpressKeys alerts you to do so.
Two-factor authentication not enabled
Two-factor authentication (2FA) adds an extra layer of protection to your online accounts, preventing unauthorized access even if your passwords are compromised.
To keep your accounts safe, you should enable 2FA where possible. ExpressKeys lets you add 2FA codes to compatible accounts. Once set up, Keys can easily generate 2FA codes—also known as time-based one-time passwords (TOTPs)—for websites or apps with 2FA enabled.
Need help? Contact our Support Team for immediate assistance.