.svg)
The Security Audit Dashboard in the Enpass Admin Console gives administrators a unified view of credential risk across their entire organization. Rather than waiting for a breach to surface, it allows security and IT teams to proactively identify weak points — compromised passwords, policy violations, reused credentials, and at-risk vaults — before they become incidents.
From a compliance and risk standpoint, the dashboard serves as the primary control point for enforcing your organization's password policies, tracking remediation progress, and producing audit-ready evidence of your credential security posture.
How to Enable
Security Audit must be explicitly enabled before any data is collected or displayed. It is part of the Enpass Admin Console and requires an active Enpass Business license.
-
Sign in to the Enpass Admin Console.
-
Select Security Audit from the left sidebar.
-
Click Enable Security Audit.
Once enabled, the dashboard will begin populating as user apps opportunistically send audit data.
Note: Security Audit can be disabled at any time from the dashboard's overflow menu (⋮). Disabling it will stop all data collection for this feature.
Why It Matters
Poor credential hygiene is one of the most common root causes of organizational data breaches. The Security Audit Dashboard directly addresses this by surfacing:
-
Credential risk — compromised, weak, or reused passwords that expose users and systems to unauthorized access.
-
Policy compliance gaps — passwords that violate your organization's defined password rules or have exceeded their expiration date.
-
Vault-level exposure — individual users and shared vaults that are dragging down the organization's overall security score.
-
Modernization readiness — accounts where Passkeys or 2FA can replace password-based authentication entirely.
Who Should Use It
The Security Audit Dashboard is intended for:
-
IT Administrators monitoring day-to-day credential health and responding to alerts.
-
Security Teams conducting periodic risk assessments or preparing for audits.
-
Compliance Officers verifying adherence to internal password policies or external regulatory requirements.
Privacy and What Admins Can See
The Security Audit Dashboard is designed with user privacy as a core principle. Administrators can only see aggregated audit statistics at the vault level — such as counts of weak, identical, or compromised passwords. No actual vault item details are ever visible to admins.
This is by design. Enpass follows a zero-knowledge, data sovereignty model — vault data is never stored on Enpass servers, so item-level details are never available to the Admin Console. Only aggregated audit metrics are transmitted from user devices.
Note: User apps send audit data opportunistically when active, so the dashboard reflects the last known state from each device. Users who have not opened Enpass recently may have stale data.
For user communication: When rolling out Enpass Business, administrators may wish to share this with their teams to address privacy concerns and encourage full adoption.
Dashboard at a Glance
The Security Audit Dashboard is organized into the following sections:
|
Indicator |
Purpose |
|---|---|
|
Security Audit Score |
Aggregated credential health score across all vaults, influenced by compromised passwords, breached sites, weak passwords, reuse, and vault master password strength |
|
Critical Alerts |
Highest-severity risks — compromised passwords found in breach datasets and credentials on breached websites |
|
Attention Required |
Elevated-risk passwords — identical passwords, SSO password reuse, and weak passwords |
|
Compliance Gaps |
Policy violations — expired passwords and passwords that violate configured password rules |
|
Actionable Suggestions |
Upgrade opportunities — accounts where users can adopt passkeys or enable 2FA through Enpass |
|
Vaults |
Per-user and per-vault breakdown with filtering, drill-down into individual vaults, and CSV export |