LabTech Plugin: Have I Been Pwned?
Posted on June 2, 2016
This plugin uses information from https://haveibeenpwned.com/ to check the contacts in LabTech against known website breaches where information was released. This can help you easily identify users that should consider changing their password. If you have contacts set to sync from your PSA (like ConnectWise or AutoTask), you can leverage the tool to check all known email addresses automatically and regularly as new breaches occur.
Update: You can now right-click on a breached account (or multiple accounts) and send an email to let the contact(s) know about the breach and suggest a password change.
How to use this plugin:
- Install the plugin with our Plugin Installer and restart LabTech Control Center.
- You’ll have a new item in the Tools menu titled “Have I Been Pwned?”.
- Upon opening, there will be no available items. Right-click and choose “Rescan Contacts”. This process will take approximately 1 second per contact.
- Close the window and come back later.
- You should now see any compromised contacts and can filter and export the results as needed.
Note that this process will run every month on the first of the month automatically to get an updated list. You can also force an update at any time using the Rescan Contacts option, though this shouldn’t need to be done frequently. When the scan is run, a ticket will be created if any newly compromised accounts are found – that is, any accounts are found that weren’t found before, regardless of the date of the breach. You can disable ticketing by adding a property in Dashboard->Config->Configurations->Properties. Use the name “SDPwnedDisableTicketing” and a value of “1”.
Hi
Great plugin, thanks.
Is there any way I can create a ticket per issue so I can send mails from the ticket telling the users to change the relevant password and then flag the system to not highlight the issue again.
Thanks
Vaughn
Vaughn,
That’s in the works, but hasn’t been released yet.
Thanks for the feedback!
Tim
Vaughn,
Actually, this feature is now available. Thanks again for the feedback!
I installed it, but when I tell it to scan the labtech control center freezes up, then crashes.
Thank you
David,
That’s definitely a new one! Have you experienced this for multiple users? And are you able to open in contacts in LabTech individually? Please shoot me an email at support@squattingdog.net and I’ll be glad to work toward resolution.
Thanks,
Tim
Is there a way to include the Description in the email template?
Also. is there a way to change the email subject line?
Can you list out the Header Tag fields for the columns or where I can get those?
We have somehow lost the insert tag for the “Description” field and cannot autofill the text info from that column into the messages any longer.
I was unable to find it by exporting to Excel because it used the common name instead of the header tag.
Hi there,
To confirm: When a contact is found in this list that means that specific email account was compromised in the detailed hack in the Description column? Where is the script checking it’s data against? Is it specifically looking to see if the contact has their email address in a compromised list? Where’s the list?
Dominick,
The email is queried against the website haveibeenpwned.com which aggregates data from a variety of sources.
Thanks,
Tim