Disable Reused Password Notification?

Why is 1Password not offering me a way to disable the reused password notification?

Why is the UX/UI team unaware of the extreme effects this has on usability?

Why is 1password acting like a paternalistic government?

Take my money, store my passwords, Offer me features that I can choose to use. I do not invite you to do more.

This is pathetic. Switching to competitor in 30 days if not addressed.


1Password Version: 7.2.4
Extension Version: Not Provided
OS Version: 10.14.2
Sync Type: Not Provided

Comments

  • LarsLars Junior Member

    Team Member

    Welcome to the forum, @leave1password!

    We tend to respond as well as most humans to ultimatums, and we're also a decent-sized security company with a lot of priorities on our plate, so my suspicion is that we probably won't meet your thirty-day deadline. But regardless of timelines, if you feel another product or solution would best suit your password-management needs, then by all means - assuming your solution isn't sticky notes on your monitor or re-using the same password everywhere - we're happy if you're happy. We want satisfied users, not ones who feel trapped or upset.

    That said, our user-base is large enough that literally every decision we make will delight some users and upset or outrage others, so our usual approach is to take in as much feedback as we can and use our own judgment about the best way forward, knowing that we quite literally can't please everyone.

    Why is 1Password not offering me a way to disable the reused password notification? Why is the UX/UI team unaware of the extreme effects this has on usability?

    This has been addressed in multiple threads in this forum already, so please feel free to browse those if you'd like a fuller discussion of the issue, but briefly, we are indeed aware. What we're looking into are ways to allow greater flexibility for more-advanced users while not allowing newer, less-sophisticated users to turn off warnings they probably should be seeing without being able to just dismiss them in such a way that they may not even know they're no able to see these warnings even when they're appropriate/necessary. But again, since we're not likely to have that concluded within 30 days, you may want to take that into account. Thanks for writing in to let us know your wishes on this issue, and good luck with whatever you end up deciding! :)

  • I could not love this response more if I tried!! Kudos!

    That being said... I add my vote for "an advanced mode to disable notifications for users who know better but choose to live in blissful uncertain insecurity."

    Of course, I'm not one of those per se... (I may have a couple of intentional duplicates, but not as a general practice)... however, there are stubborn people in my life who use 1P more as an "auto-login" system and who will never, ever, ever do as we all recommend by having secure, impossible to remember, and unique passwords for every account.

    Alas, these folks (mostly older and the most vulnerable, I propose) insist on still having only one or two passwords that they know and can remember, and they use them for every account everywhere, only using 1P to track what sites for which they have accounts and to auto-populate the login window for them. They will never change. No matter how much data I present to them, no matter how much I assure them that it's safe and smart. It just won't happen.

    Likewise........ they also won't stop asking me how to make that warning go away, which finally brings this overly-verbose post to its point:

    I understand any organization has to balance the intended method and application of their product with the various real ways the end-users could use the same product. So, while I shall refrain from tyrannical demands of expedited resolution deadlines, I do hope this feature can appear somewhere on the bottom of a developer's "to do" list. :)

  • LarsLars Junior Member

    Team Member

    @eFlat7 - thanks for the kind words! We really don't enjoy disappointing users, despite what it apparently seems to some people. But we've grown to a size where our user base is diverse enough that we sometimes have people advocating for literally the exact opposite things from one another, in different threads. No matter what we do, someone's not going to be happy. :(

    I do hope this feature can appear somewhere on the bottom of a developer's "to do" list.

    It already is, in the sense that we're quite aware there's a decent chunk of users who'd like to be able to defeat or suppress these warnings, and not without reason. It's more in the "we need to figure out how to do this in a way that's secure and works best for everyone" stage, not the "we've got a roadmap and it's happening soon" stage. But yes, it's something we're continuing to look at/work on. Thanks for adding your voice and your positivity to this thread. :)

  • I know I am kind of resurrecting a dead thread, but have you considered an option where an advanced user can tick a box that says "If login is identical in all aspects (modified on, attachments, fields, etc) and is in a different vault, do not display duplicate password warning" or similar? I have shared vaults with different people or persons which include the login to various services (Netflix, etc) and I would hazard a guess that 90% of my duplicate logins fall under this scenario. It would be great if a starting point was to eliminate identical login entries from the list!

  • brentybrenty

    Team Member

    It's something to consider, but the problem is that most of the people requesting this sort of option are not dealing with completely identical items, so it wouldn't help very many folks. I think we need to allow for some flexibility.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file