Breachwatch Commands

How to use Breachwatch Dark Web scanning in Keeper Commander


Run a Breachwatch dark web scan of your records or password

Breachwatch Command

Requires the Breachwatch addon
Command: breachwatch or bw
Detail: Run a Breachwatch dark web scan of your records or password
list Displays a list of breached passwords
  • --all, -a display all breached passwords (including ignored) -- note: if this flag is omitted, only the first 30 records are shown if the total count exceeds 32
  • --owned, -o display only breached records owned by user
ignore <UID> Ignores breached passwords. Accepts multiple passwords separated by a space
password <password> Check a password against our database of breached accounts. Accepts multiple passwords separated by a space
scan Perform a Breachwatch scan
reset Recalculate security audit score data for all passwords in the vault. Applies only to the current user's vault.
Reset Command Details
  • The reset command loops through every record in the vault. Please allow it to complete without interrupting it. If interrupted, the security scores in your vault may undercount your records. If this happens, you can run the breachwatch reset command again to correct the counts.
  • The breachwatch reset command should not be run while you are logged in to the Security Audit page in the admin console. Doing so can result in incorrect data being generated for the user whose vault scores are being reset.
  • After security scores are re-calculated, the Security Audit page in the admin console will not yet reflect the changes. To show the updated scores in the Admin Console, use the enterprise command security-audit-report -s.
breachwatch scan
breachwatch list
bw password n5@x85tG#gH7& my_dog_21
bw ignore qUX4gSrtDRfM1Kq9lrQi-w
bw reset
  1. 1.
    See a summary of Breachwatch commands
  2. 2.
    Run a Breachwatch dark web scan and show which passwords are breached
  3. 3.
    List any records which have been marked as breached (and not ignored)
  4. 4.
    Check the passwords "n5@x85tG#gH7&" and "mydog21" for breaches using Breachwatch
  5. 5.
    Ignore the breached record with the given UID
  6. 6.
    For each record in the vault, re-calculate the security score data scored by KeeperApp.

Automatic Scans

If Breachwatch is enabled for your Keeper account, a Breachwatch scan is performed automatically when you login to Keeper Commander.
Additionally, if you create or edit a record, a scan is automatically performed on the record.