Overview
The security center provides a real-time view of your credential security posture. It aggregates breach monitoring data, password strength analysis, and security recommendations into a single dashboard.Password health
Each credential in your vault receives a health score based on:| Factor | Impact |
|---|---|
| Strength | Entropy-based analysis of password complexity |
| Age | How long since the password was last changed |
| Reuse | Whether the same password is used across multiple services |
| Breach status | Whether the password has appeared in known data breaches |
| 2FA status | Whether two-factor authentication is enabled for the service |
Breach monitoring
PassAgent integrates with Have I Been Pwned to check:- Email breaches: whether your email addresses appear in known data breaches
- Password breaches: whether your passwords (via k-anonymity hash prefix) appear in breach databases
Breach checks use the HIBP k-anonymity model. Only the first 5 characters of the SHA-1 hash are sent to the API — your full password hash is never transmitted.
Security recommendations
The security center generates actionable recommendations:- Weak passwords: credentials that need stronger passwords
- Reused passwords: credentials sharing the same password
- Stale passwords: credentials that haven’t been rotated recently
- Missing 2FA: services that support 2FA but don’t have it enabled
- Breached credentials: passwords found in known breaches