Skip to content
Contact us
  • There are no suggestions because the search field is empty.

User Risk: Privacy 

Privacy 

User Risk's browser extension is designed to deliver relevant cybersecurity insights while maintaining privacy as a priority.

When the extension logs usage:

The extension logs app usage only if both of the following conditions are met:

  • The app/site the user visits is on an UpGuard configured list of business apps and sites. This list is stored in the extension.
  • The user meets the time threshold for detecting usage. By default, User Risk is set to track usage after 1 minute of active interaction but you can adjust the time detection in settings.

What the extension collects:

  • App name
  • Browser’s IP address
  • Browser User Agent (i.e. browser type and operating system)

What the extension doesn’t do or collect:

The extension only collects the information described above. Below are some examples of content the extension doesn’t collect:

  • On screen content (e.g. we don’t read emails)
  • Keystrokes (i.e. we don’t see what you type)
  • Screen recordings (i.e. User Risk never records the users screen)

Password detection and privacy

Password detection is an admin-controlled policy option that helps users avoid weak or reused passwords.

  • What triggers a check: The extension watches for form submissions that look like sign-up or sign-in flows.

  • What the check looks for: The extension uses a library to evaluate whether the password is predictable (e.g. matches a common-password list of around 30,000 entries) and to detect when a user is reusing a password across sites.

  • What happens after the check:

    • If the password is predictable or reused sign-up submissions: the extension blocks submission until a stronger password is chosen.

    • sign-in submissions: the user sees an informational warning but they are able to proceed.

  • What's recorded: The extension never stores or sends passwords. A hash of the password is used to flag if passwords are being reused.

Sending information to User Risk

The browser extension frequently and regularly sends usage information back to User Risk in UpGuard. If there is new and relevant information, we update:

  • the user’s score
  • apps associated with the user