Weak passwords
Detect low-entropy and insecure credentials across vaults. Get recommended strength targets and actionable change suggestions.
See risks clearly. Fix them fast.
Vauzy checks the health of every credential and turns weak, re-used, outdated, or missing-2FA accounts into simple fixes you can act on immediately.
Security Rating
1 weak
1 old
0 re-used
0 at risk
0 no MFA
Instant visibility
Spot weak, stale, or re-used credentials, missing 2FA, and access gaps at a glance.
Clear next steps
Get guided fixes and clear actions to remediate risks quickly and confidently.
Prove you're protected
Track progress with audit-ready logs and reports that show real improvements over time.
What we monitor
Everything that puts access at risk, surfaced in plain language with an action plan.
Outdated or stale credentials
Flag old passwords and dormant accounts with age thresholds you can define. Get notifications prompting you to rotate your credentials.
Re-used passwords
Detect common passwords across multiple accounts. Quickly see the credentials affected and work towards a secure, unique passwords across your vaults.
Access drift & removed users
Identify credentials still exposed after people leave projects or organisations, and tighten scope with strict vault controls.
Missing or misconfigured MFA
Catch accounts without MFA or using weak factors, then fix with our built-in authenticator and setup wizards.
Dark web breaches
We monitor and track your passwords and report on any detected breaches or matching account leaks on the dark web.
How it works
- 1
Assess
Vauzy analyses password strength, reuse, age, MFA coverage, and access activity across vaults.
- 2
Identify
Issues are identified and clearly presented, with detailed information and suggested fixes.
- 3
Remediate
Use our built in password generator, wizards and the authenticator to rotate passwords, enable MFA, and tighten access.
Security you can show
Passwordless login, strict vault access control, shared audit logs, and GDPR-aligned data handling by default. No master passwords, no guesswork.
Frequently asked
How does Vauzy measure password strength and reuse?
We assess entropy, reuse across vaults, and age thresholds you can configure. Results appear as clear actions rather than raw scores.
Do insights work across shared client vaults?
Absolutely. Clients are able to see when their credentials are weak, outdated, or re-used, and take corrective actions. Agencies see risk summaries, while clients retain full control of fixes.
How often are health checks run?
Vauzy automatically refreshes health insights whenever credentials created or changed.
How do you detect reused passwords without seeing them?
We create a one-way, keyed hash fingerprint of the password using a server-held secret (stored in AWS KMS). Equal passwords generate the same fingerprint, so we can flag reuse—without storing or revealing the actual password. All of these actions are performed on our isolated data processor at the time of credentials being created or updated.
Does Vauzy detect leaked or breached passwords?
Yes. Vauzy checks credentials against known breach datasets and dark web reports. If a match is detected, you’ll receive an alert and an action prompt to rotate the affected password.
Can clients see health insights for shared vaults?
Definitely. Both sides can view the same health overview, but only the vault owner can take corrective actions. Agencies see risk summaries, while clients retain full control of fixes.
Keep your credentials healthy
Fix risks before they become problems, and show your work with audit-ready proof.