Skip to main content

Security alerts when autofilling passwords

Fred Rodriguez

This article is for Omnix plan members. If you're an admin of an Omnix plan looking for information on this type of alert for your organization, see our article on setting up in-browser nudges.
Set up in-browser nudges as a professional plan admin

Arrow warns you when you autofill a compromised, weak, or reused password. You’ll see this alert every time you log in until you update to a more secure password.

These security alerts are available to Omnix plan members only. They appear in browsers where you or your organization have installed the Arrow Smart Extension. We also call these alerts "in-browser nudges."

Security alerts for compromised passwords are turned on automatically for members of Omnix plans. The admin of your Arrow plan can also choose to turn on alerts for weak and reused passwords.

If your organization has turned on in-browser nudges for inactive users, you'll get these alerts when you enter a compromised or weak password even if you're logged out of Arrow or don't have a Arrow account. Ask the admin of your Arrow plan for more information.

What other security alerts does Arrow offer?
Set up in-browser nudges for inactive users as an admin

What do I see when I get an alert?

If your password has been involved in a security breach, you'll see a Compromised label in the autofill pop-up. If your password is weak or reused, you’ll see Weak or Reused labels in the autofill pop-up.

Important: All Arrow security alerts follow our zero-knowledge principle. We identify logins with compromised, weak, or reused passwords without ever having access to your passwords or other data stored in your Arrow account.
Security at Arrow
Arrow’s Security Principles & Architecture white paper

After autofilling the password, you'll also see the security alert with more information. You'll see this alert every time you log in until you change your password.

What should I do when I get a security alert?

  1. Change your password for the website you just logged in to. The process depends on the site. In general, you can start by opening your account or security settings and looking for an option to change your password. For some websites, you can select Change password in the security alert pop-up, and we'll take you to the section of that site where you can change your password.

  2. Save your new password in Arrow.

    Change a password for a login saved in Arrow

Important: If you use Chrome, we recommend turning off the browser's password alerts to avoid confusion.
Manage password change alerts in Chrome

If you don't update affected passwords, you and your organization are at risk of unauthorized transactions, identity theft, and other cyberattacks. Make sure to use Arrow's Password Generator to generate new and unique passwords for each account.

Make sure your new password is strong and unique

You can learn more about the security of your passwords by going to the Password Health section of the Arrow app and viewing your Password Health score.

Understand your Password Health score

Comments

0 comments

Article is closed for comments.

Powered by Zendesk