Security Audit issue with find duplicates

Options
Darrell
Darrell
Community Member
in Mac

Just saw the blog article on the security audit feature - so I gave it a shot, and it did find several issues with some passwords I don't have great passwords for, however, I also found some issues with the find duplicates feature.

With the duplicates, there were many false positives that I had to scroll through in order to get to the real issues. It found 202 duplicate passwords, but only about 20 or so were actual issues. The rest are due to the feature looking at both logins and generated passwords. Of course a stored generated password is going to duplicate the related login entry. This feature should only look at logins, or at least ignore a generated password that is for the same location as a login.

Comments

  • sjk
    sjk
    1Password Alumni
    Options

    Hi, @Darrell.

    Thanks for mentioning this.

    To reduce the number of "false positives" under Duplicate Passwords, here's a helpful tip from our friend @Stephen_C in a related Duplicate Passwords Audit - Showing Both Password and Login topic:

    If you right click on it and choose Remove Redundant 1Password will scan and remove from Passwords any passwords that have exactly the same password and login URL as a saved login. (You can do the same thing by going to Help > Tools > Remove Redundant Generated Passwords.)

    Said another way:

    Running RRGP lets 1Password scan for all Login and Password items that have exactly the same password and the same URL, then offers to Trash the Password items. Any Login items are always retained.

    We are considering ways Duplicate Passwords might be optionally filtered to exclude certain items from being listed there.

    I hope that's helpful. :)

  • tanc
    tanc
    Community Member
    Options

    I came here to make exactly the same point as @Darrell .

    I tried the "remove redundant" passwords option as mentioned, and while it greatly reduces the number, I still have 20 items which are "false positives" which for whatever reason the "remove redundants" option decided weren't... The option of not including generated passwords in this list (and in fact in many other places where they end up cluttering things) would be very helpful!

    Cheers!

  • sjk
    sjk
    1Password Alumni
    Options

    Hi, @tanc.

    Of those 20 remaining items how many do you actually want to keep? Maybe some can be manually deleted or modified so they'll disappear from Duplicate Passwords?

This discussion has been closed.