Meet the features: Protecting against lost and stolen passwords

Avast, 7 May 2021
Avast, 7 May 2021

You don't always know when passwords are lost and stolen from sites — we've got solutions

“Meet the Features” is an ongoing series to help introduce you to specific features in Avast products. It’s meant to help you understand and use a specific feature by explaining the security/privacy problem the feature is meant to solve and how it works so that you can quickly understand and use the feature to better protect yourself.

Have a feature you want to meet? Let us know.

The problem

Data breaches that lead to lost or stolen passwords are becoming more and more common.  Every time a password is lost or stolen from a site there’s a risk that attackers can get that information and log into that site as you. Because of this, lost and stolen passwords are big business for cybercriminals who buy and sell these passwords, sometimes for just pennies.

When a password is lost or stolen to protect yourself you should either change the password on that site and any others you might have used that password on. You can also consider closing the account on that site if you’re not using it any more. This highlights the risk of password reuse: if a password is stolen from one site and you use that same password on another site, both now are at risk

The problem is in knowing when passwords are lost and stolen from sites: you don’t always know when it happens. This is where Avast products can help.

The solutions

Avast Premium Security and Avast BreachGuard for Microsoft Windows both have features that scan for lost and stolen passwords associated with email addresses and tell you about them. 

Both features will notify you when passwords associated with your email accounts have been leaked and will help guide you to change those passwords.

In Avast Premium Security, the Hack Alerts feature does this for the email address associated with your Avast account.

In Avast BreachGuard, the Risk Monitor feature does this for you for the email address associated with your Avast subscription and any others you’ve added.

How it works

Avast Premium Security Hack Alerts

You’ll receive notification any time a new password breach is detected affecting a password associated with your Avast account by an alert in the Notifications menu in the upper right corner as shown below. These are also sent to you by email and in the program pop-up.

You can also check by clicking on the left Privacy tab and selecting Hack Alerts as shown below.

This will then show you any breaches where your passwords may have been leaked, as shown below.

Avast BreachGuard Risk Monitor 

When you start Avast BreachGuard, you can look for any lost or stolen passwords by clicking on Rick Monitor on the opening screen as shown below.

When you click on this, you’ll see a listing of all breaches associated with the emails you’ve registered, as seen below.

You can add new emails to be monitored by clicking on Manage Monitored Emails button.

For each breached account, you can click the Show Details button to resolve the issue.

After you click Manage Monitored Emails you’ll see the screen below which will list all the emails that are currently being monitored. You can add a new email by clicking the Add New Email Account Button

After you’ve done that, the email address will be added to monitoring and you’ll be notified of any breaches affecting that email.

From the Threat to your Privacy page, after you click the Show Details button for any breach listed, you’re shown a screen that shows information about the data breach. This includes details such as when it happened and what information was lost as shown below.

If you’ve already changed the password you can click I’ve Already Changed This Password to resolve the issue and you’ll see it in the list of Previously Resolved Threats on the main Risk Monitor Screen.

If you haven’t changed the password, you can click Change Password which will open a browser window on the site which you can use to change the password (or close the account). Once you’ve done so, you can click I’ve Already Changed This Password to resolve the issue.