Update password collection policy
Overview
Threat Monitoring scans for signals from credential-dump sources, such as combolists and publicly available paste sites where exposed credentials or login pairs are posted. Because of the sensitive nature of this information, UpGuard provides controls for if and how we collect and store captured passwords.
Password collection options:
- Do not collect passwords (recommended)
- Passwords found in threat data will not be collected or stored in the platform.
- Collect redacted passwords
- Store a masked version of the password. This shows the password length and the last 4 characters, allowing for verification without exposing the full credential.
- Collect plain text passwords
- Store the full password securely and display it in plain text for 7 days. After this period, the plain text version is automatically deleted and reverts to the redacted format. Warning: this provides temporary visibility for investigation purposes. It should only be enabled if your organization's security policy and legal frameworks explicitly allow it.
Password collection policies apply to all Transforms in your account; policies cannot be set individually per Transform.
Update password collection policy
You will set a password collection policy when you activate your first Transform, but you can update Threat Monitoring’s password collection policy at any time.
- Click the Breach Risk icon from UpGuard’s left-hand navigation.
- Click Threat Monitoring.
- Click the pencil icon next to the current setting in the Password collection policy section.
- Select the appropriate setting.
- Click Save changes.
Your new policy is now set and put into effect immediately. The new setting impacts password collection going forward; it is not retroactive and does not impact passwords collected (or not collected) previously.