From 54f1adfebf45f754aa8fb5ea4d93fb4e32ef3de0 Mon Sep 17 00:00:00 2001 From: Alex Date: Wed, 29 Jul 2020 23:00:24 +0200 Subject: [PATCH] New article on Vault Health Reports (#136) --- _articles/features/reports.md | 68 ++++++++++++++++++++++ images/features/reports/tools-section.png | Bin 0 -> 18687 bytes 2 files changed, 68 insertions(+) create mode 100644 _articles/features/reports.md create mode 100644 images/features/reports/tools-section.png diff --git a/_articles/features/reports.md b/_articles/features/reports.md new file mode 100644 index 00000000..c121a343 --- /dev/null +++ b/_articles/features/reports.md @@ -0,0 +1,68 @@ +--- +layout: article +title: Vault Health Reports +categories: [features] +featured: false +popular: false +tags: [account, report, breach, reused, unsecured, weak] +--- + +Bitwarden users with a premium membership can access a variety of reporting tools to evaluate the overall health of their personal Bitwarden vault following these steps: + +1. Log in to the web vault at . +2. Click **Tools** in the top navigation bar. +3. Locate the **Reports** section. +4. Select the report needed. + +Paid organization plans can also access these reports to analyze the items contained in the organizational vault: + +1. Log in to the web vault at . +2. Click **Settings** in the top navigation bar. +3. Click **Organizations** in the top navigation bar. +4. Locate your Organization and click on it. +5. Click **Tools** in the Organization’s navigation bar. + +6. Locate the **Reports** section. +7. Select the report needed. + +### Available reports in the Bitwarden Vault + +**Exposed Passwords Report** + +These are passwords that have been uncovered in known data breaches that were released publicly or sold on the dark web. + +The report uses a trusted web service to search the first 5 digits of the hash of all your passwords in a database of known leaked passwords. The returned matching list of hashes is then locally compared with the full hash of your passwords. That comparison is only done locally to preserve your [k-anonymity](https://en.wikipedia.org/wiki/K-anonymity){:target="_blank"}. + +But why do we use only the first 5 digits of the hash of your passwords? If the report was performed with your actual passwords, it doesn't matter if those were exposed or not, you would be voluntarily leaking it to the service. + +And even tough this report’s result may not mean your individual account has been compromised, just that you are using a password that has been found in these databases of exposed passwords, you should avoid using leaked and non-unique passwords. + +{% note %} +If you are self-hosting in order to run this report in your instance you will need to buy an HIBP subscription key that will authorize you to make calls to the API. You can find how to purchase this key [here](https://haveibeenpwned.com/API/Key){:target="_blank"}. + +Once you have the key you will need to go to your `./bwdata/env/golbal.override.env` file, edit it and REPLACE the placeholders values for the API key: + +``` +globalSettings__hibpApiKey=REPLACE +``` +{% endnote %} + +**Reused Passwords Report** + +If a service that you use is compromised, reusing the same password elsewhere can allow hackers to easily gain access to more of your online accounts. You should use a unique password for every account or service. The Reused Passwords Report helps you easily identify these offending passwords. + +**Weak Passwords Report** + +Weak passwords can easily be guessed by hackers and automated tools that are used to crack passwords. Use the Weak Passwords Report to isolate these passwords quickly. The Bitwarden password generator can help you create stronger passwords. + +**Unsecured Websites Report** + +Using unsecured websites with the http:// scheme can be dangerous. If the website allows, you should always access it using the https:// scheme so that your connection is encrypted. + +**Inactive 2FA Report** + +Two-factor authentication (2FA) is an important security setting that helps secure your accounts. If the website offers it, you should always enable two-factor authentication. The Inactive 2FA Report locates items in your Bitwarden vault where you have not stored a TOTP authenticator key and then cross-references it with data from [https://twofactorauth.org/](https://twofactorauth.org/){:target="_blank"}. + +**Data Breach Report** + +A “breach” is an incident where a site’s data has been illegally accessed by hackers and then released publicly. The Data Breach Report allows you to review the types of data that were compromised in these breaches (email addresses, passwords, credit cards, etc.) and take appropriate action, such as changing passwords. diff --git a/images/features/reports/tools-section.png b/images/features/reports/tools-section.png new file mode 100644 index 0000000000000000000000000000000000000000..cafd59774d2ed6c61bcb886328a515707d4f2ed0 GIT binary patch literal 18687 zcmZ^|1yCJL@GpuJ>|ntU4haxExNC3^4uONayZZrxyF0<%HIRe5yB*x!A#n5k@2z^T zZoM~EGquy(GrisY>z&@-2xUbn3{+xN7#J7~8EFYs7#KJR3=C}X2l#&!Is&xve}rdc z`R|hN@9(d#F9iB)PtVVfkB@hE_m|hV@9)oWipy_rZyggi+yC1B(fP2w3~!{r!X5%GueOXa4a=-PO&F^;ziS`}_6f`}@)RJG#c|`}^_w-TRGi(EHQF z=G*(-^V`Y8n@r&L)Zh1krQ5*ZU>KPtRwkCoi#LGw+WYHzd~B>Wct0&YqkaA9?PMgP z`vzBY<$SL3pes75;UXYJ-POSsa`&FG_~soRU$XvpVE^^~W~2S|U65b=jN-xs~^JHLB9wjO1+x4|Z>UP>fh~pU7t>KK^!=ja%FQdlU+Mki=w_qO*emIb zf&F6bj4S-;Wbp81xzNEoBswfGa^jiAV#6$|_h}@$J5&+6f8SZPmDsUySh_$1vbxH0(peO|&28K=oTQpYHcW(p!^7u)*N*;VZWcvv(CV*3ien!y_e*=W z{GB$fGRL=vYH65^X~+ddh$(U^yXQ+?E21s#4rb#DJMR)w$iB+TIINc@fk`d5cUHz4 zo0__s3zbcSPj;5o(&yK@a|2A&e(G_03_Tea@6MJ$$6In~y^f+P$1S?w1@~9iib-g~?tSby1>uXpqGz?GxY8tM&mCpw>LG#?# z{U!bKj9HpPHsno8?etQ9M@LtC2l|->`0{fgdmTnQ`2xi4)3SWaZS5P}*@MiplI0u} zTkk^sIu6=*4MYrsg3D-Z%5!x68KqW;WtXR#NBw1%FN`c0=A7qXU?h8FBt*Y^temFT zRm_S22T$7ibb+ta5GYo%(??8MO9~1)07fHKQK%VeQOrOudN-$TO2r4vnQnWjWtDMwGmA32hM1m%^HWZ5US8^C(4k#;5ne3%?-}K_34Kc zXnTh+oM3y72~SYWx56XRz1n{~TbvjW3p0@^*n8gBYjl_e%w$NUT&TlOwy?cHc}(ff zO(?DC^K-8d7=@RmY3KP^$?YI{?&V(fXf-RdT+1&B%Y=<_E#+&^=|=#^k1Be~xM^X;`ZS_SMJb23IP2JmCkUk7&hHLtT9`TBt++o^gz>c7c_Mxc z(^H*gNV?x~)@7DCJ-$m}YNb;Kh^5ox9I+N~8J}971zz=&o`+jp<~)(<`tc$1nzF~@ zk|Qd>=gNR@W}wY;u2SrlLV3eC_r%D-o*jmxBD?ETq3tI_pg(u*_8IG#lH1mb9s_dV z!80D2j+@RGA+ujq*H_qi-m2^SQ|K9xPXnzkgrYwMB{@y40Gn%WkE>*0O?b84vDoJw znRJ3J>m_ms)iB)ArPdb!AJA3U%K8+2zuq2?M#luoHun;sTM*1&m2#mD%(0$<5>CpK zc2Xv4YP?>=ahf>~Wrn4zf+M1`NW$GTptj(ru1!F&d&O1gIbUbv(oOjC))p2vud3mx zRgI$47v2U5F5k?NcNaAxxFIs|(`S%w#3ovUWjd`gns&iHD~jGK&b>)i%WF_uH?`h- zD&*&^VG^D;n`brtHnoU%a#4tKo&?J$V_)hIE5#~zr?V{JyF;0s>d^-tU_+&g$GChp zg~YWcRWaE>7t|^G3cW67gf3v_)CT2OJ@W4Mgt~6^fKT_~eGKf;<0FC1l)O}oi|V!+PGE%GA@^`Wgdhhv6xf5{_X}G%d!^iBQB!pvW`h*+{xZ}OQfA0|BFF8c z`*;^h;)$+aNMkQO?Pkb$MbT-M(N^z=Vl?%uo41GlCKR(nX7#Xx9;`6Z&T+7-3*o{v zNJ|O~A|(y`Ka&#V9xg$+<|DFN1wgHW-M8=~RxoIN3Ak}X{5bqTL`g6Xs$tyZQfL_e z>WRF@NUE)|;Z~vLzvwvM)VBL+(>5gQE4bxtk}jqjOJ`bL~x|UJfq|xbePN7(wbJQI*>m(9f_>x;I3AP(810V)K~lEB_X#J zB@cd0A>aLjl=rBDZy;?X_xQ;IbK(01uYs&5e=|-#PW)()2`@UAOp(~nKUQmS7Cfg0`1jEQZ97j`*mL|8#^`v!omj4b}N?Y<-LzeBlw`}Bv zQL>!2=26ej5nRq>z@I$Hn$y!QRXz1m*Dta%(-R{%04gjRzNql(OUZq-V!Cq8D$EODJYkj$LG6{?XKDeWeMyQ&pby3W{J z^NtSSuf&b^2Lx5zPI>si4-xAaLK{JY4i?L(@8JhU}*H z%$H{hI&!6<`YFf8MQcUyVio-pdB%hTSa{6@ASbcH)^I1JG0({;Xy~%kF%`qU7++k{ z4!j>EWxjyc-kcqY7+R9;yETq4kmB<)jwBpjQZ$W%!rHmrqkq-Epn9gB*Yfpk)n*Tw z8VvO6X7@o=E6X-g`rY;J_k@(aXC_Ef2)f`3-6)IJk-%u1yKozcJ+S+i)a#&MtyO+b zK@fz@dw6P_V3XRYnq1l+saR>wgv)*v=e28D+1cx=2Jw6ItsNSJ#D4?*m0KWV^i=cD z-v0+q^eCom{ts9!Fb;B9~3%&cx5!Q zV5R*?W#t=ViPR>GozyORn4iesMW*X;+T#c(DlxBQ=Fx1uqR=6Wvx5nKL@~->ZMU`y zpZxeUk^rYMf*82Zk=I7ey5LFi%O&Ym#ID*SZr$$-8b#8;pA^|=pv?~XV?LYl&+@6( zbk{PWzklcoq3n`>*G#FLwBlZU+W~_1H@X={fQq-*;$^1Asw;lTi%ZD}tc0A^7Y3v+ zc-}3fBbp4(3n9r@VB4pdQM_tM;@Ze!#mT}31K(NasT=p$dSZ=DL!#ZkSI09yuRPeQ zyxLBFk6vn;~dUXwaqJK_an0BK5g@2y}AZd;n)hGO7~=LY0Mw%O$9 zA4OB3qC%q4LIe=M2%Ba@>UH7!BQ?c3ub#+Leiuyh=y}aOdw-YvN(Lk?XAY*jKq z>Xy}oxq9N*Dp1%OdEh`83Nl}VhGgOKG9G?qwp*MnenI@Xk*z&X(GyN{ z!=d2>E6r|-0T;=my7*$1bZ8wh1QK0gFr_UpuQU`Is6r zo>*N?{hWn=(FKcUem0?RICs2xKPBr^IEArj`P-Co++ zKYwjE3bo^c%#}Eu#RGX8){QTI|{Cm50kKg+MZuT4L z;1vte>YhZ^ipADSBP;_4M-{1@O0yVPeuObENLEETLhO4FjBHTeHBRY>NQ6Mxh_evf z2fiPQaPZ3<;S%v%Kg=HSgD>2TV{r%Er@b2E_@Rn5q?xRQ0 zSg~VwV`T~0wD{>o?pG|&{+fW}Aox!9h0liQY_^9q*g103nQ+Ub*EWA0E47!YDfG?N zQXqv|a{KN|i+*X~+s70j7+H837Bg7|c^~!$w{+!?_Iy@{eCKgb8u3I?^wnitS>#R6 z&mT7h$}oMBm#3bl;KE4i`n>?F_NuBXR^s0UY{G`7;J_?4+Em@C^qTv)WhAO=2(Jdl zH!^T}>|nl*rm;vZlJvuk7J20stNSHa5zj}m`X~QhM zS82qbt``6e4Ncz{f!2v%gn+tGK|&yDGz1Ec(NIo#js)-mbfu(x<22aNVv~XAQLRaB zpTC>XMiFrtukoR6IZRgqDWClG1lO}CvLSTQbe>!wGYa2Ug>f`^&)WXp`rnG6FU)Dt ze-9>2OgS^kt&)4)`gckkoKW=(0E7<^xl2Ie$T@x==g+NT0D;h{HNEia zQLUGu)G@a&)5S~iQq>uT3YrV@4|=Q`v@O4rdRyy7`3yLyIPk7!n6?`(AsI$N=&V(`mJ&Y5?VX30QQ~ArHnu_ai;>8yY2ai5N zV(hCh9Fgy{a#(pj}&jlS@{T3Y9=wjtyua{LleRP9913n~N@xl@$%bi7qx z4hSF&!mIPE5+uz<8SBPfiEY0K#hu%?2$7wW?w1Dj2GxKImSaB@>GlA5ci@Y0KhGF7 z1pCa589U)4HufA}0#-b79VZb65e5a{K|FD+0Z>t1NipTBr%#ie9#8`wM0Mohj_3t` z8~Q3+#6$=-$I7&{p}(zIp+ZmN?mz)`4r_I_H1%5muOGIAPWLxFVJTS-H=8l}cP`CA z#YcPnkpZhwpF-Hsj zrN`rUq(1btMqk_&N_w?`)IJtmbM&89$dvI`sgd1^A^@5A;^Joq&4d{1Gd>>rTN|J^ z2W;cis1)1bPGn&t!M`p!Bz4cgd-7QERL+@f$j$<_xA}3^0-!y;mk1NY8gtQ38oZ#7 z`Q)BGF*?B6ednCXr7#9xoC>X-Cq95qK*eKjX~liJs9}MM8;E&dJX51`cJ+sc9nUAL zh7Dy>sJSQ$((k(*E9Q~e1MLP_9*Rls$(skJJyBSAg*Qy^;gR5uPQzTPR-Zk3x>nd( z9}PH4OgHZ2YXo>&_92L0L|&yLJlQZ=s^J9W_uC48^4aa(KwhZd-!5F(J%$)bgFCcH zvd0N>MKk*WwPqh6dkcRz8H!g|t4Ow(KmH|p)A$rrLr$vCSJw3Wo3o=)pD5k-{V*%2 zkd_{`CKg#^X11xezW2Q4l}*d(^u29gsvUC3_s{L8Z;|)Kp}1d}O!bZ&;VO`iB_CmqWsFyYPfZeU8MX?4p#EG$?b>YR;RujY+oYLBh}O( z3%qH1IHj2l=J;=duA&CD&1Fiwl=N$l{3Wl}w1pYCZ28=A-^gCYE0exX^2yc7Y=1Yk zc#sb5}zL8Te1XK&<|F%c^C+=O!`(q}0O^wl64r=C*VQi`n<7t}tah zxrj#zD=GFl;vV4@k9e{YKS~I!-f)vngh?9>H;9VLy!^VHlwKzYGYzR-pyjRZ%cZVT zLW)ph1{};G1Y9YR`eBQ_H#Ak8T@K0yuz2q)H9NY)(+imf{%)5|zfmw+% zp7;nYXKmd$!%Lx4V?v0ls>@uo$e=Q2;GYCY4QuhHO+O}ivq z=L2%<1UFrc)s<`y7pc`fsGl$?<@i=QkGt_qb{aJ5VquoOZw}TzBNCNAix_FPtBr!~ zou444a0xSW3+9=No|syhAeORd$D~o5=KQ)2y3Tdck;&)R|8XAqS0B<`AX`q*rSPk>iKod5294WZB^pn4C zGW{-Kcnxy9-a<;xsS5-2{svxq5V>TPj0-O3COLe!-ga?KhdgI^_7I31H)t08#-qyZ z+8@)oCymJUuLYyps2@Ju)}BrdPvqa7Obz{yK=AkzCf65FgLDJqR zvTdA$4{UBI-uWKkEcUL*MWewB$n82hZJ1nZ4dj23SIQ}J?aJv=X?&9Rda7|es13HG zO(6$-@J1Cf`jjL@(&MwnA6u?L1T&iB30!^PBkVBW&B-Y^D@_Q7w3G)6ydDd;T?8s3rQ*t!&l zMJdN-A#+JdE?K&0jyy2Ts`nFgX^=@ekjN|$*3RrXEGIw?GZ-Ch z`uVRiCrl}JTL2Fpf{oY+uJ@E}k=v}MyzK|etoO2mI?$;L&(QVVokAv}Nd!jc$L2i% zJovM$>=T$G~etlfUNa& z127KS@V74~0VU_r6WJ=YZ3wFg(!^v|#p)7gWuZg-7sGD;l>tL2&Jmgv1@`R=$=WoF zM+|@jey9ITYXu&&r)KCZRr>hN_&TcK`u_iS)^RvqZxdl}5F~}{| znEXXaPo~9YYb*}KLDt7ilci$M+{S!6b-=L2K|vX*VWfYwAj3sTU-`taM>u-CG!}!C z?(>}Bs~KeKZo+j|(LV{e0S8@+Q=ei_^CT(D9JRnt5Q!IQ@u|;}e~iZx9sjvv%xuYz z^|8j#QGn`3M7jBt0BroQ&(aBqn2&(~H`BhedTlL_A1X1F^0cxb*~h4VA0w;NJoQvK zeZP!*@c(ta6v+c z4G()vC~RKn<%-fKlAD|(=UKI@9rszoOPp+_{!psgvmz8of*~*ZM?{w6+cSM}!mQG~ zX3Kip&2;6&=;x)qbbS0OpPhekOCNwW?>a+9K}wqu8F{Y&Or`t=8oGB^vWqENn872v z31h3xcVR&82mW8WkXmED2t4h-n@6v`(+%iY22dZoSze{0x5fX?#9|)#SYbnqtW=&O zU`zt=&7Bgw&d@Gzc`%dP`1(5*Qg?(}31U2(j^hdR7X+{@ckEtdL_=^&cupt)a#`Eb zj#}F$Qjrjx&-|Ztfg3cA3=Pv=5E6k!b`rmx%Wn~CL`p3H@7#{&tFVwh@-f;8{nh`Z z!oKRfdz)Ez`Qp6u|2vOA|KG#OH0WHt-$0IeP&n-7dJqRpT?gFMcbIHNstBY=`Q5AU ztntl5-OY$w!z#8W^_3j6>E{(sWnbR@M~5XYWv$0I@~F&9Ntib{2HCe*6-x*-sicfo+fD# zzf@dsc@htYcmHH_+GTCB)1u~tM_Y0#@H4lvGP-+%Sf{{di~9!z$7yHSaXXWpLD4xH zX;A>-T+d-+nBBv}&2!jh1B}7P275HuJo?-Jtu}Qno$2mO+J8lBsz37Z`aZz`@C7mle@|+tVV*!`kf$dB{J8_kZrx^Xc;Q+7p|&+ zHV?k)E5e7AuRCK_I{dnq_X)6-$JSh8c|jAm^Q{cO7?6cEBNfoe`1K)t13<3M2|k}@ za7#sKWj_q(A0wgcE_jAqR{?;C{qqrrn@vR;KlPi7KQTVh#2r|Hdf~X@XazCG6>W=4 z)w}E``}eZ|mXqC?+DOuZ5XTNB6fg$6h&r$k^KO(Wt-4bDvay*RGg?Q-X3pwNR<3E` z5yQE4J*R0Zu<>Yw8>?a-;7D%KqR33LfT)j(D%tYUna6dA}q&%@;JA%CF0z zd=v>U6sQ&6z*>na1=*IiUu9lPQ#TrSy@uC9C|tz4RqQdyZg!^;@vPXKOKsVmBT#kxO&{ z9w7tRWDI0#3@g+`!axqgsYgP#8U+OB`c2QRsA~7vjF)owCsgOe?J@ z6;F~oC+jD!t+0kk?`p88@yXy8Y$#%oTNWQ=_`xoevX>DT}KRJweF0;5lW>>9EhrOJS z0g_YeI3}gwSVLv>eESw$CM8aXfeB#q8=DU6p#>8)NjV8T(ti9%h`cGl{bbc;$Wzot z>_|?T=^MaagNaVKHNlM%T6iYS1hZo7b|Hc~nm`!4KA2yw0gwM;(vD-Qn`iJn#rBuq ztT(w&Jrgaz>$ez81LTnYGik^BN)2+%Z+B)3y*kIWS?uNbt`;A4E7yBI5vEKzm~@I5 z%g;vNJFu#rVF3mx7S4ftb4XZH1+$Uf-!Ddm(WQpa%Bo~{ImCJL;BkIW2e#9#l~$~z zT;t{P{4&{Th#mm&G$Vex**ZW?stSS-43S;8xgUfLvV7k;y&Sw)gyG)&jq5>o-93BW zX<7o;YL3>*U!CmS!MqkBmD9}_SAs~SVRpAu3+$^SqTogf(&qM|t>tHAo9pDASJ7I+ z-_SnEz)ZCb75dRFEcc=iP`z*?3~ph*Y2VQF(!QYu77`4qPH>M z0GjAPY|jvhs*&!xwE}Nc7H0?Q(HqPZ8}<>E6%XuX+$sA9y5}6oep7)uj0e0)t_rjbj41wGWCWz z`xSZ7b^5FOZIzw4Cm!;>EWyo7lI1Q6nBtthQt7i_OPS@G7EL-oy-;PuB&56cWsKM= z!Z~V|VH6&=XsJJ+Yng5MTY5Kdcm(pZ^>1=|Wjq|r+AwZal5s1F_>WAcXX=`^qmH$O z#Ew2Z#2UN%1o&KPk3Hw}4utNVJ}Y>OXPp;t{empHZWrqwyVtYlf|%|BVBu6_ZoHED_%bv;Sv(eFfbNWKx)l(2r*;&Y>hvQ( zNG{&-RXL4T4K}`>RRYh&a#?3Wjsi&!@ReFFoub|=-$6>{>ULCK5X&F;0SoBduE3s4I--nRB2+m2VJ$! z#ttCQZ4s)hCrv)hJ3ZnFIH9$+z}a=BpB=C<&jMZ*y#+R@HCC`8cQhkV?%(6(9??synwRH6RX6-KuLF_94Z)t|GQ^2J!;& zSWNCnZQB*@B(sr*7YfR7$?~01ouT-X%#Z zIP`97L73degJhF~;d3?8(gYIqh@rQ96@mf*cMD7Crx4y#Sm=r*`HELp= z-se;9dwRpVk!cdeOkFzb3`{)~I&T`7>V{W0mN{z}dBSur25}WRQmlDZcP~AipKMr( z140-D`zEEB2sTXLEf=%d>#*$KIgC9i!s(2+40%ETM5ZKjl+k#$Coo9xWpmmr{%L9A zU6s5&6+29>?2Za3x}kN!YQR`F=t^HF zvPCm_S*$RpDjb`Y70UjlaBV+~xs#=tum`o6W8gpxv9F>Lkl_io5_QheZ@w*7FvKpL z^8;bSOO){6g@-IXg_+a{v^6PXlrrMm2lyJ%Qc~Kn@5=dnPS&w<03J>xx{d7IFL6yWjsF~Amq3o)`HP^j_G=6QoC{KV&kj`cw`cy8%MIq6ra%P)LR zlc`#0|7G{KVD95u{5W8Wmicc^IqAyJU|Uxwm~zxmCII^Egz(|XRu;O5EYsTb3!fik z+Tj(Qn>Yd&>)smXwOK+p*T=J5<*4fV2N<4}bD8^L z(KW-hXX`c&PQpQBJ>H_5+gh5sGw0rR_jBfQEP{^;jaS(-KWqLO1-MF^R1wU779XS@ zvt=ie`y+S$v-nD_AP%c3XT=yF=zE~d2*sKuJHzMt5zaWCP*Q;6VYP5AXTPV4ChoeF zJ@Vg9e~X{WdYVNj>6o4QI|;yaxmJSEE> zhc{^%UdFF)LR|^GYkb~wm1O{_cY!?njBB#AL62*d4goGfPYqKIa;tAg{{o}&Et9e) z&g`Oq^Dp;rB_TyF@N6UMu3jbsA27LE6T#k1RQKoeI?Nwy;~mWfMr) zt3dfw^gX-3eikmz82MVAAuvV}b>2tUm*bB}Rgm<_ zjgJM!@idWg(G8KLLJ-+${LWn-5vM`u_7m%X9#2uTi95q6^jP}XdAMxhI(NH#1#uAY zeG(5-s+XckZFYIatwQX~Ot-PGO=rq0z1=mE0+(A-L*f`i(;-qlOu1A3m%NIL7@|tw zXmDg6Yv&vZpHF)Da~{P8mLztc)bAqK_5unC{r!mxN*U+wPY2M{SO}DVnBK`leF7R> zp?>yhU0sgH8SvTSfVbAs>;N8RrA9v)SJ`&Ymg!~5!f2b-xF>>9M>)Z%U98psC7%cS2X$uMf%TaHMkemXY*;tV1RY($shO`4 zHr{7X=e3_t94t1>ElLs3M-Os-N63)avVA6urlrIGE=GQDKC$JCDAMx5^b6XeihH|{ z2d^nt<1@%9?YiMT^3GIj95RuL@+3zXaLjtOyZ@a{oh{&|R#@#*>^a9o0ImtGLaOSI=%3@=w7M2c4d%zYF>XN77MHo8lpL z%zFhya$G#~-Uf9>8=rMQ>2v+=`z;$W-5H|k$RbC7g;hl;YRo|DPS%Oo8{pbnSJ`KT zlxE7xa{%~>#@Z`t9;Q7uhFFsk8*d8^CbqQBr{JqYrlUg$yMR{fN!*9Xz=0gu8r0$(pb4*q4Y$O`-^QpWGgLiU^TjntP7r{sU4`6*1wgyad;g0=W7+XnS+JwIp<5_QTuyFO{8YQZXRvrC zuc-S`YP|DdRF1@<6AlsEo!!G<;R%4Ui48z=$=igUhoZqtb8$RrNrhUu=pyd@xbH+- zB0`$>!L*%)9U@&=-F2uEB-+L1_M!yhABy{v{j%{Uj436(Rz3L2y*t}K`8il>-wGC6 zts{}MCDr|bXRIJ`8ts4Uv=0N2q;k`^2s>-MlOVjNeG_;c2X!};!G592a{WkN6S7v# z`>HeuY50l$$KpejXbyz*{%$@-`q2;j#DY-1or^%7d%o6u*FiTALBjdL#K}XazQbd$ z>UckN!UV4(TRlkNEeE1*{EaY#Q_Lthj=Kdv;+r+&YHxFTfjAXxz~@5P+9J}@3Jiy- zYE%(+zLT_MPD%5YluAN5OK-mGM{htZP+0a~l_ zm<&M_f3PFjewrkYzyJmV2{1D~(yl?1p1bQpDc_6K)tmgZgN}8(xe*82KN6P}A|n@nWWT z8mz>oUc79a>`6V*1)_pOA@3xMYtYT4?x-CetL`x*r~`UiHvl&T3-D^d(fB!{wES`=ZvV4ss}7#-TP0z)~^RK(LBLXn+Pvz%m)WXp1_;5{+3`<$N~DLX7~b&yBCdw!k6j!6O@N{eqZ^Gu#0a~MlikexAVqyx2idrKv>MD ze-ExUy!&_Q$FS~5C?GLoh7t$hbaA$Gd~}`a_!kr>ROte_wR)Bw#9?avSFukM447c; zFeO;0SVfCGYpEq(`tgfg%)HE&g)Saan$Ck^^VvEE=OwUl?*2=RRZNd-z4>7E8EyM` zpKgct`a6vIV7g=f;2%&g-Xqk(U@=C)TwY%ONrU= ziBu3hnfb&=6=Cs5KwDc`3}47(^VX$I{|5_B(190wXtLRA zYAUy7UXFIGp*|1eBLUz9WR*JN6h|^N23-qdk+GqOD=V(90JFad$?^Q;E-%3aS5UfG z2+o!)s8So8vBS@k-4$Fw2O?Q?ryR-ZaI0)$`8c(%e%T4>>RI#4VH`^UShxlhy+oRx zyQryv_B(N0T50zx3e>0Q)N%~u?$z#`aCj5Hklo!v&tw*L z8^$TDW)V{Mu;=;00}{yQ$$DX5a6xPS5vul}11lCK92E;+ZHzKcgj zo&>S3Fa-Y#93|jD>6(?T+@7yVlZ`4jx*FhS!0oc^f-&u_$jSv@e%VU9tx99#lj!nL zthQXmsMEI%^9TDIeFd>Sb^Sl8NXzQ4 zs8rbT#7Bu#jN~km;>}Pzt3%&{_(z@Ph?}MbiHa=4?aN z43i4^9q=zyBk8%_7AZ{-aWiAo)A1c_Wf`Vcu9*ILQ0+(mDw9 zp`ad23zGOUMW=#A84}3iyZUbSfh1|aetr7^yX|FD!S`lw(BByM??zmqz~is4p$r7h{nRYBeGv~8d(4&-)<~gA76t=nVGqqe}4Ek zwNCrWLTF8Rz&cXl0;z~vgG+Y=6bg*kX_0s@voo9O<#=*TfRfxBFbEv|t3Ui>`(4Q^ zV9x`N|6wu#RXsx;L^QZ z<5*Z1YCapuBfYw{Z{*L?388I0bE|2MkWZ4-o0Jh@gZ770-LC&M5HcADUDK?fZ^a7w zcTY-{*HniJsSb*F=o~l;M%=@daE_%vx?dHc{I}<6mxR7x8REOdFrQjiBN}>f&XDr* zj>On`V)OT5@5fu9pPPmuau!6Iyq-A4nrWT>fHnB^nx-00qd#Mrd!X#+~@D)hBJIK}B^4s?OrYzafvZwGzt_9w)vc7YJ!pVI&H znY|8#w|8%pKSBt|A;_QlmX=$cgkh%D9VV8G_!vsvQVU8lhWrSPLz>l7bFC+WVOSQQ*GWsY zZ@}OWVvoOgKW0IHFoMu6{&O}=Ec+DUg$>O-b{UZDo5k3GJMIjcy6B9unWw}{@KKmP z31cs%Q2u%uI?nJ9a>}}n5k<^wtbxQS(IYI6`6?H%lFF)Tf!pE$am;UUS(+9$E!4@c zo>Eo{h>Q?w!6;{mhSl83}xD#+N-U|4UHlV1It{KVhoayzOcWip0M zen}sUnd}0I|H(Z}DDdSZvF}U5l8H>;h>-5ipw3#V?59DW>+Hpm^lvloKCV>DNzxHJ zWd)ybt$9|wm}by+aJQ8Hcs%013J-)x z%V2z$*bq~ftwgQw(1Ab=aTuvjHSd1zh;JpfL@5PpR$InKz)+93ri%C*v%n^cE=rYB ztQuOaRGh*HkDl~N2d9Q&I4Ctkb|9#Z{(196+ec4~;{ ziI>O)kk05yI=)=UT+nvL6B8aGuwL2_w+xZAH-))34vuI+TFKvfC%QtpRQnx)@AIpm zaxD`V*7PY>%TM$7lmmIaa|_bAM*~ZW9KoD{E+HRg3#yhre3MpYw5ph=gY6}>x4>cP zM=Q|sy<9=kkKjg_maPj95|S~v9sU}D8tKvdk^lO=2e3Dm4iWNsIMp^Iy1saTjxu-L zZ%=LtA3W8KO4$k9@1h+Pwrq0M`|eq{2)WU3bpNfihtu5fg(y(3`_D>Nh8g5^y=y;| z9Bgvpc$nV*ioe{O^gr-|M!q=Q8*_Kw>4jX>IBZ;B6LI?=bltpmv}2e%th?tBd^5Y) z{v4TF)BOT}wH9At@3(YAWS@qag`F2R{M+iWz}}w!V%@o$*i=c#<0pkaz z(pJF@{1)cs<8$TMh2ICm%Vav{N3Kxwi4MO0?$=$lZi;u$g-|&&)2-8o33oL}k>&+Y zHBh^+*T|q->4Iknmdj_FnjXk_e-{kLDS!Abhb4xA+ff)6v91E?J1+$pxw~h{VBmUp z?0g^h9D%wD_}WLmCdY;;@jkH@h7B8F0bVxe!G9m5-kj%H>-eqGmPk3}Ph*Hbxk>%M z_IXo*$Xb1P?-~C4PsrQ%3zBXRsm0h=8Hj!B6K!*m9QzxR8nH-fTiFTyYu(`IGSEy% zn6n=bH<~s;{$NX0*gPzyFtRf(NA#_%1>C;QP}e!$!e0peOzD%F{^KA^;^HkDr?DDMgL@pTVAG6r!=ihh8 z>G*#w)WWR{I|#TonmA;U($*kWw4)@yh*hAos(d%`pQ2QT6q#d~t5sxl=3!ti{#g$* zhV7Yq26N*?v(fcW2no#FM~OQMRAPZw;ed^z)1jIyX;9yGC{>} zSbEQgT8(4W{QL8T8B8*PL3GF4d<1KR%_kQ}#?^^C7E@SM6{KA)gDmPA%J8)j`%gkYMK0yqw~HFGg_YR zqiIH_xu24P#2xIfNGu~1tF+r&MvzrOI&6;zq}b>Hs65}()Eswy4k_S#hAGcLcR5cs zOFH{iQ}rz!TeO`@7sEbeIt6B~rQ-nVg&kT5qs0}Nm1{ryTBZnT#7xZL(!&ki$Nyrj zBhC0!Z1PPz-bjtH#?q1ZEOq22J4`=Y4V=X2b)#ydKrdGZV?D969b2Ltd-WvE3}^e+ zIyXojtAk+=KW?}ZSM>2l?rMYwl}(03-GylArEre*NE_li8^Dgye3}+kdrEkHJxXJ! zj|jX-y9dDhX@ogP0K13B@*_R-sl~X%&r&@W$@tk1Wh`W~qEt_!0r@fdp_dFRCgxF_ z`_6_;LjRD?-&Laaox5v?qS;Q%A^abvT_LyC>B^80Wyr37=>LW5kXa>xHAQ5~e_FnC z{{LYAzZmjgzpN8~1ji7Rfv!IT>Osv^)Loy%w3DwY{-E>8%jhItao4V2)||+w!uVJ6 z$zmjKaG$P4=lvBYyrY`phVdhUlNIfGZsR-{vNkgR@CS?hXeZU+?tgW0uJKGLZXBOW z8?uNw*py4h?YM2oCDhz6QO${yOUuaG!Sn(ZViJXj-(t#`P^F zxe8z}c2UzowomKRoXir$%Zsobo?N`U$cF)j`Iwiz!Obtu~ zkUhNN!tqb1ttnKd$7dTkZ^JE9NIrE1m;|=tLK}U4buqT{d*l`MQC-Dtj=pOv>JJ%9 z@MG1X(8QcC%?+bP&xdz4xD;Or(e#qxc%ILIs5jecOFjc07k&OOQ#si{`56QaQNLuv zz3IuG20)#fj7d2s{=ACLWd;>1qba&ObuwaelYmN(cr4{Ag5o=&V(Tg z+Vp=6u=k|Lef~`5tMbz??~|dq-gaGwndE*bAbR&T|af@MAxn5 z#f@P=r$m*&;qJ^Fc5}1)jxcbM0yxQ6s`9AX4t{SGG15*&kp*~C`}OlWs~o|3w4&eY zoqZmr%x+J{s`ka?aAFEnixtsGG*VNE6q_rJ702ptHolTpJ0#A{N|~~sKWtL&!SM3< zo!#`&$x7;MP>v#&W>qwe=RAcx6WnyENqvl4PIWR>zW;bs7;;La%G$&MEDvKn49bio za%`JJ-_@R>?2VuPg|~3lWv#Yil4KF7`@7V?U@d>jdS;rva97^8>%!5*Mie`(Pi{K- z|55(K&i^9)VgqAS=PEA|5^j1*rlKe zmq#~{LDI>CovoN*73Uq0Dm`gL0L4}o5+&NQw=GKWhQcE6Yfvp49B%^8^Fa@Me)jSt zJwt(PtU(lt<^y7@i+XehW&9iH0{aJc5B;4t? zckTp;{B=gLeSKEnmiT%Jz;%g+0rkR&c^JSrsb!l`8$|>_);^Pb;)8+db);Be3O7t? z4qHA-uo271F?u{n$P5yQOi!l+2y0pJ355$qm4BWUwImPaTW!ZLT*(r-s5bwU32mOA;z-({66m_Uim{}~ zk&ctK+Ox$0D#kob<-Qr9RTEA}sf%pk{bX~W8+J-o;-Znn_%U))O5unZ#8vavK+BTw z1MXGK{sdT7 zqA*}Bz!`Jj5YI-8)nL%$`;`vPoxyP-v(v1_+Ty~>`*u;}@whN^kwwzcxRP0@-dZ(;A5{5Lf zre1V@JB!Q<7QH&u$H+S^ndx4n7FGe@0O+i_7u~g~xZ6UF^8hOaJNrni@l3@iR{kfs zqL*NW=fJN93y^r@);idMUnKFHJ9S#OOju}NaW&J|!x+~7ohuJ49`A%SMy5?R*wtu1 zu%X4Q#3()wO=#{X;Uzyq(XQeHRFyZHwA|}Mgy>ju(wK*vZW$oK;NYRIGb_3Y2I{7< z=0G{X6PpQ2Z$2&WwsR=uC(FGcg+7^>?fiw1q){Ku@@G|i`$ewY{6PhJc1ujHCp>yQ z?_NWyj5DBI5DlSEu)E<K?3rdU;+*(^=jECY*qX6j)spZ14eRfEhZEH_ zeyEuGr5ynV03^iVXgRdd&yi#2xA(B