FAQ: Compromised or Unique Vault Password warnings

You're seeing this message because the password you're currently using to unlock your vault appears to be compromised - meaning it's a well-known password that's been used widely and may have been exposed in data breaches elsewhere. We're recommending that you change your vault password to something unique and strong. This is a preventive measure to ensure the security of your data.

You're seeing this message because your vault password seems to be the same as, or similar to, a password you use elsewhere – like for your email or another account. Especially, it seems that your vault password might match the password you use to sign in to Norton Password Manager. It's crucial for your vault password to be distinct from your account password and any other passwords you might use. Think of it this way: if one key opened both your house and your car, and someone found that key, they'd have access to everything. Similarly, using one password for multiple purposes can put you at risk. Keeping your vault password unique ensures you have an extra layer of safety.

If you're using the same password across different websites or apps, there's a chance it could have been exposed during a data breach on one of those platforms. Please note that this doesn't necessarily mean your vault has been compromised, rather it indicates that the password you're using is not as secure as it could be.

No, there hasn't been a breach in Norton Password Manager. The warning message is purely preventive, aimed at enhancing your security before any potential issues arise.

Under normal circumstances, no. To access your vault data, one would first need to sign into your Norton Account, validate 2-factor authentication (2FA) if enabled, and then unlock your vault using your vault password. This message is a precautionary step to ensure you maintain the highest level of security.

No, Norton does not know your vault password. The compromised password detection is performed locally on your device, preserving our zero-knowledge architecture. This means only you have access to your vault password, bolstering your data privacy and security.

Once you change your vault password, you'll need to set up your Passwordless Vault Unlock again as changing your vault password resets the Passwordless Vault Unlock setup. This is necessary to ensure that your new vault password is effectively linked with the Passwordless Vault Unlock feature.