WASHINGTON — The government’s own watchdogs tried to hack into HealthCare.gov earlier this year and found what they termed a critical vulnerability — but also came away with respect for some of the health insurance site’s security features.

Those are among the conclusions of a report being released today by the Health and Human Services Department inspector general, who focuses on health care fraud.

The report amounts to a mixed review for the federal website that serves as the portal to taxpayer-subsidized health plans for millions of Americans. Open enrollment season starts Nov. 15.

So-called “white hat” or ethical hackers from the inspector general’s office found a weakness, but when they attempted to exploit it like a malicious hacker would, they were blocked by the system’s defenses.

It’s the second independent security assessment in as many weeks to find problems, and it comes on the heels of the massive breach at Home Depot stores, which affected 56 million credit and debit cards.