Feature suggestions (password gen, Watchtower)

Maybe half of these get chalked up to my ignorance! See picture at bottom for #1 and #2 (ignore the word "text")

1 Password Generator History

I find that I regularly lose recently generated passwords. Yes, they're available in the "passwords" sidebar option, but they're not sorted in a way that I find useful. Easily finding the last generated password (or last 3?) would address my dumb mistakes (e.g. I go to manually update the login and press "copy" instead of "edit") and lose the generated password.

2 Sniff for symbols

More and more websites permit only a small number of symbols in passwords (e.g. "you may only use +-/@$", etc.) Create an option within the password generator to do a regular expression search for, say, 5 special characters in a row on the current page. There's a pretty fair likelihood that those are the only permitted symbols. Then optionally restrict the generated password symbols to the sniffed ones.

3 Generated duplicates ain't duplicates

A single password generated within Firefox for example.com is saved twice (once for Firefox, once for example.com) and reported as a duplicate. Since I'm striving to improve my security hygiene, this is an unwanted distraction that makes me falsely believe there's a problem.

4 Watchtower report enhancement

The watchtower reports are great! To make it even better, optionally show weak passwords in date order. I'm much more concerned about recently used weak passwords than the throwaway password I created for some now defunct site years ago.


1Password Version: 7.2.4
Extension Version: 1.14
OS Version: OS X 10.14.3
Sync Type: Not Provided

Comments

  • LarsLars Junior Member

    Team Member

    @boberonicus - no worries! Thanks for the comprehensive post.

    Yes, they're available in the "passwords" sidebar option, but they're not sorted in a way that I find useful.

    Sort order can be changed quite easily in 1Password for Mac. Click the Passwords category in the sidebar, then at the top of the items list, click the "Sorted by" drop-down caret, and change to either "Date created" or "Date Modified" (which includes creation date).

    More and more websites permit only a small number of symbols in passwords (e.g. "you may only use +-/@$", etc.) Create an option within the password generator to do a regular expression search for, say, 5 special characters in a row on the current page.

    We are indeed looking at ways to refine the password generator for upcoming versions of 1Password. The unfortunate reality is that while you're correct that some websites do restrict to only certain characters/symbols, often it's impossible for users to even see what these requirements are until AFTER you've violated the rules -- then (and only then) will you see a pop-up that shows you what the parameters are. Why sites continue to do this, I have no idea...but it's not uncommon at all.

    A single password generated within Firefox for example.com is saved twice (once for Firefox, once for example.com) and reported as a duplicate.

    Not entirely sure what you mean here. If you mean that Firefox is also saving a generated password, then we do recommend that you turn off your browser’s password manager. If you meant something else, can you clarify what's being duplicated? There should be only one password item saved in 1Password for each generated password.

    The watchtower reports are great!

    Glad you like them! :) To be clear, however, you appear to be using only the 1Password X/web Watchtower reports. The information you gave along with your post says you're also using 1Password 7 for Mac -- if you use the Watchtower reporting section here, you'll find it more configurable in many ways like this: here again, you can set the sort order using the caret at the top of the item list in Watchtower, just as you can with any other category. Hope this helps! :)

  • Thanks Lars! Maybe the second best thing about this product is this forum.

    Sort order can be changed quite easily in 1Password for Mac.

    Got it; I spend most of my time in the browser extension. Guess I'm OK opening the the full client to get what I need. There must be a lot of discussion about what features go in extension vs. full client, consolidating the two, etc.

    [allowed symbols] often it's impossible for users to even see what these requirements are until AFTER you've violated the rules --

    100% true. Is there a subset of symbols that are generally considered safe? Maybe an option to just use those? Sure, it would decrease password entropy, but also user frustration. When my password is 20+ characters long, I fine if *#@ are the only included symbols.

    A single password generated within Firefox for example.com is saved twice (once for Firefox, once for example.com) and reported as a duplicate.

    Not entirely sure what you mean here. If you mean that Firefox is also saving a generated password, then we do recommend that you turn off your browser’s password manager. If you meant something else, can you clarify what's being duplicated?

    Browser is not set to save passwords. I will try reproduce and open another thread.

    if you use the Watchtower reporting section here, you'll find it more configurable in many ways like this: here again, you can set the sort order using the caret at the top of the item list in Watchtower, just as you can with any other category.

    Here's what I mean. No apparent option to sort weak passwords by date:

  • LarsLars Junior Member

    Team Member

    @boberonicus - thanks for the kind words! I'll make sure Ben, brenty, bundtkate, and others see this. :)

    There must be a lot of discussion about what features go in extension vs. full client, consolidating the two, etc.

    You've no idea, LOL. Heck, even I don't know the full extent of it. ;-) In fact, we've got some exciting new on the horizon if you're a user of 1Password X. Stay tuned! :)

    Is there a subset of symbols that are generally considered safe? Maybe an option to just use those?

    I wish. Unfortunately, though there are trends, it's not universal enough to make such a subset a real boon -- it would help in some circumstances, but just be an annoyance in others. But we are indeed looking at refining the password generator for future releases.

    Here's what I mean. No apparent option to sort weak passwords by date:

    Son of a.... 😳OK, now I'm embarrassed. That option is available in other views (to sort by Date Modified or Date Created); I just assumed it was available there as well (though obviously I've never used nor even tried that feature). I'm not sure why it would've been restricted to only a password strength view option in the Weak Passwords category; I can't think of one off the top of my head, and I can certainly see your use-case. I'll file a feature request for it, and thanks for the suggestion!

    ref: apple-3133

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file